ProHoster > Blog > Utongi > Sei Indaneti ichiri paIndaneti?

Sei Indaneti ichiri paIndaneti?

IInternet inoita seyakasimba, yakazvimiririra uye isingagoneki. Mukutaura, network yakasimba zvakakwana kuti ipone kuputika kwenyukireya. Muchokwadi, iyo Internet inogona kudonhedza imwe diki router. Zvese nekuti iyo Internet murwi wekupokana, kushaya simba, zvikanganiso uye mavhidhiyo nezve katsi. Iyo musana weInternet, BGP, izere nematambudziko. Zvinoshamisa kuti achiri kufema. Mukuwedzera kune zvikanganiso muInternet pachayo, zvakare yakaputsika nevose uye zvakasiyana-siyana: makuru eInternet providers, makambani, nyika uye DDoS kurwisa. Chii chekuita nezvazvo uye kuti ungararama sei nazvo?

Sei Indaneti ichiri paIndaneti?

Anoziva mhinduro Alexey Uchakin (Husiku_Nyoka) ndiye mutungamiri wechikwata chetiweki mainjiniya kuIQ Option. Basa rayo guru ndeyekuwanika kwepuratifomu yevashandisi. Mune chinyorwa chemushumo waAlexey pamusoro Saint HighLoad++ 2019 Ngatitaurei nezve BGP, DDOS kurwiswa, Internet switches, vanopa zvikanganiso, decentralization uye makesi apo diki router akatumira Internet kurara. Pakupedzisira - akati wandei matipi ekuti ungapona sei zvese izvi.

Zuva iro Internet Yakabuda

Ini ndichataura zviitiko zvishoma apo kubatana kweInternet kwakaparara. Izvi zvichava zvakakwana kumufananidzo wakakwana.

"AS7007 Chiitiko". Nguva yekutanga iyo Internet yakaputsika muna Kubvumbi 1997. Paive nebug mune software yeimwe router kubva ku autonomous system 7007. Pane imwe nguva, router yakazivisa tafura yayo yemukati yekutenderera kune vavakidzani vayo uye yakatumira hafu yetiweki mugomba dema.

"Pakistan inopesana neYouTube". Muna 2008, vakomana vakashinga kubva kuPakistan vakasarudza kuvhara YouTube. Vakazviita zvakanaka zvekuti hafu yenyika yakasara isina katsi.

"Kutorwa kweVISA, MasterCard uye Symantec prefixes neRostelecom". Muna 2017, Rostelecom yakatanga kuzivisa zvisizvo VISA, MasterCard uye Symantec prefixes. Nekuda kweizvozvo, traffic yemari yakafambiswa kuburikidza nematanho anodzorwa nemupi. Kudonha kwacho hakuna kugara kwenguva refu, asi kwaive kusingafadze kumakambani emari.

Google vs Japan. Muna Nyamavhuvhu 2017, Google yakatanga kuzivisa prefixes yevakuru vekuJapan vanopa NTT neKDDI mune mamwe ayo uplinks. The traffic yakatumirwa kuGoogle sekufambisa, pamwe nekukanganisa. Sezvo Google isiri mupi uye isingatenderi traffic, chikamu chakakosha cheJapan chakasara chisina Internet.

"DV LINK yakabata prefixes yeGoogle, Apple, Facebook, Microsoft". Zvakare muna 2017, mupi weRussia DV LINK nekuda kwechimwe chikonzero akatanga kuzivisa network yeGoogle, Apple, Facebook, Microsoft nevamwe vatambi vakuru.

"eNet kubva kuUSA yatora AWS Route53 uye MyEtherwallet prefixes". Muna 2018, mupi weOhio kana mumwe wevatengi vayo akazivisa iyo Amazon Route53 uye MyEtherwallet crypto wallet network. Kurwiswa kwakabudirira: kunyangwe kunyangwe chitupa chakasaina, yambiro pamusoro peiyo yakaonekwa kumushandisi paakapinda pawebhusaiti yeMyEtherwallet, zvikwama zvakawanda zvakabiwa uye chikamu chekristptocurrency chakabiwa.

Pane zviitiko zvakadaro zvinopfuura 2017 14 muna 000 chete! Iyo network ichiri decentralized, saka hazvisi zvese uye kwete munhu wese anoputsika. Asi kune zviuru zvezviitiko, zvese zvine chekuita neBGP protocol inopa simba paInternet.

BGP nematambudziko ayo

Protocol BGP - Border Gateway Protocol, yakatanga kutsanangurwa muna 1989 nevainjiniya vaviri kubva kuBMM neCisco Systems pamatatu "napkins" - A4 mapepa. Izvi "napkins" vachiri kugara paCisco Systems mahofisi makuru muSan Francisco sechisaririra chepasirese network.

Iyo protocol yakavakirwa pakudyidzana kweautonomous system - Autonomous Systems kana AS kwenguva pfupi. Iyo inozvimiririra sisitimu ingori ID iyo IP network inopihwa mune yeruzhinji registry. Router ine ID iyi inogona kuzivisa iyi network pasirese. Saizvozvo, chero nzira paInternet inogona kumiririrwa sevector, iyo inonzi AS Path. Iyo vector ine nhamba dzeautonomous masisitimu anofanirwa kufambiswa kuti asvike kune network yekuenda.

Semuenzaniso, kune network yehuwandu hweautonomous system. Iwe unofanirwa kuwana kubva kuAS65001 system kuenda kuAS65003 system. Iyo nzira kubva kune imwe system inomiririrwa neAS Path mudhayagiramu. Inosanganisira maitiro maviri ekuzvimiririra: 65002 uye 65003. Pakero imwe neimwe yekuenda kune AS Path vector, iyo inosanganisira nhamba dzezvirongwa zvekuzvimiririra zvatinoda kupfuura.

Sei Indaneti ichiri paIndaneti?

Saka ndeapi matambudziko neBGP?

BGP iprotocol yekuvimba

Iyo BGP protocol ndeyekuvimba kwakavakirwa. Izvi zvinoreva kuti tinovimba nemuvakidzani wedu nekutadza. Ichi chinhu chezvizhinji maprotocol akagadzirwa pakutanga chaiko kweInternet. Ngatione kuti "kuvimba" zvinorevei.

Hapana chokwadi chemuvakidzani. Pakare, kune MD5, asi MD5 muna 2019 ndizvo chete ...

Hapana kusefa. BGP ine mafirita uye anotsanangurwa, asi haana kushandiswa kana kushandiswa zvisizvo. Ndichatsanangura chikonzero gare gare.

Zviri nyore kwazvo kugadzira nharaunda. Kumisikidza nharaunda muBGP protocol pane chero chero router mitsara yakati wandei yegadziriro.

Hapana kodzero dzekutonga dzeBGP dzinodiwa. Iwe haufanirwe kutora bvunzo kuratidza hunyanzvi hwako. Hapana achakutorera kodzero dzako dzekugadzirisa BGP wakadhakwa.

Matambudziko maviri makuru

Prefix hijacks. Prefix hijacking kushambadza network isiri yako, sezviri kuitika kuMyEtherwallet. Isu takatora mamwe maprefixes, takabvumirana neanopa kana kuibaya, uye kuburikidza nazvo tinozivisa aya ma network.

Kudonha kwenzira. Kubvinza kwakatonyanya kuoma. Leak ishanduko muAS Path. Kunyanya, shanduko inozokonzeresa kunonoka nekuti iwe unofanirwa kufamba nzira refu kana pane shoma capacious link. Zvakaipisisa, nyaya neGoogle neJapan ichadzokororwa.

Google pachayo haisi mushandisi kana transit autonomous system. Asi paakazivisa ma network evashandisi vekuJapan kumupi wake, traffic kuburikidza neGoogle kuburikidza neAS Path yakaonekwa sechinhu chakakosha. Traffic yakaenda ikoko ndokudonha nekuda kwekuti marongero enzira mukati meGoogle akaomarara pane kungosefa pamuganho.

Sei masefa asingashande?

Hapana anebasa nazvo. Ichi ndicho chikonzero chikuru - hapana ane hanya. Mutariri wemupi mudiki kana kambani yakabatana nemupi kuburikidza neBGP yakatora MikroTik, yakagadziridzwa BGP pairi uye haatomboziva kuti mafirita anogona kugadzirwa ipapo.

Zvikanganiso zvekugadzirisa. Vakakanganisa chimwe chinhu, vakakanganisa mumasiki, vakapfeka mesh isiriyo - uye iko zvino kwave kukanganisa zvakare.

Hapana hunyanzvi hwekuita. Semuenzaniso, vanopa telecom vane vatengi vakawanda. Chinhu chakangwara chekuita ndechekugadzirisa otomatiki mafirita emutengi wega wega - kutarisa kuti ane network nyowani, kuti akarenda kune mumwe munhu network yake. Zvakaoma kutevera izvi, uye zvakatonyanya kuoma nemaoko ako. Naizvozvo, vanongoisa mafirita akasununguka kana kusaisa mafirita zvachose.

Kusiyanisa. Pane zvinosiyana kune vanodiwa uye makuru vatengi. Kunyanya munyaya ye inter-operator interfaces. Semuyenzaniso, TransTeleCom neRostelecom vane mambure etiweki uye pane chinongedzo pakati pavo. Kana mubatanidzwa ukawira, hazvizove zvakanaka kune ani zvake, saka mafiritsi akasununguka kana kubviswa zvachose.

Ruzivo rwechinyakare kana rusina basa muIRR. Mafirita anovakwa zvichienderana neruzivo rwakanyorwa mukati IRR - Internet Routing Registry. Aya ndiwo maregistries eregional Internet registrars. Kazhinji, maregistries ane ruzivo rwechinyakare kana rusina basa, kana zvese zviri zviviri.

Ndivanaani ava maregistrars?

Sei Indaneti ichiri paIndaneti?

Kero dzese dzeInternet ndedzesangano IANA - Indaneti Yakapiwa Nhamba dzeChiremera. Paunotenga IP network kubva kune mumwe munhu, hausi kutenga kero, asi kodzero yekuishandisa. Kero chinhu chisingabatike uye nechibvumirano chakafanana vese ndeveIANA.

Iyo system inoshanda seizvi. IANA inotumira manejimendi ekero dzeIP uye inozvimiririra system manhamba kune mashanu edunhu registrars. Vanoburitsa autonomous systems LIR - vanyori vemunharaunda internet. MaLIR anobva agovera IP kero kune vanopedza vashandisi.

Izvo zvakashata zvehurongwa ndezvekuti imwe neimwe yevanyori vematunhu inochengetedza zvinyorwa zvayo nenzira yayo. Wese munhu ane maonero ake ekuti ndeupi ruzivo runofanira kunge rwuri mumarejista, uye ndiani anofanirwa kana kusafanira kutarisa. Mhedzisiro ndiyo mess yatava nayo ikozvino.

Ndezvipi zvimwe zvaungagona kurwisa matambudziko aya?

IRR - mediocre mhando. Zvakajeka neIRR - zvese zvakaipa ipapo.

BGP-nharaunda. Uhu humwe hunhu hunotsanangurwa muprotocol. Tinogona kubatanidza, semuenzaniso, nharaunda yakakosha kuchiziviso chedu kuitira kuti muvakidzani arege kutumira network yedu kune vavakidzani vake. Kana isu tine P2P chinongedzo, isu tinongochinjana network yedu. Kudzivirira nzira kubva netsaona kuenda kune mamwe network, isu tinowedzera nharaunda.

Nharaunda haishanduke. Inogara iri kondirakiti yevaviri, uye ichi ndicho chinokanganisa chavo. Hatigone kugovera chero nharaunda, kunze kweimwe, inogamuchirwa nekusarudzika nemunhu wese. Hatingave nechokwadi chekuti munhu wese achagamuchira nharaunda iyi uye nekuidudzira nemazvo. Naizvozvo, mune yakanakisa kesi, kana iwe uchibvumirana neuplink yako, iye achanzwisisa zvaunoda kubva kwaari maererano nenharaunda. Asi muvakidzani wako anogona kunge asinganzwisise, kana mushandisi anongogadzirisa tag yako, uye iwe haugone kuzadzisa zvawaida.

RPKI + ROA inogadzirisa chete chikamu chidiki chematambudziko. RPKI ndizvo Resource Public Key Infrastructure  - chimiro chakakosha chekusaina ruzivo rwekufambisa. Ipfungwa yakanaka kumanikidza maLIR nevatengi vavo kuchengetedza yazvino kero nzvimbo dhatabhesi. Asi pane dambudziko rimwe chete nazvo.

RPKI zvakare iri hierarchical yeruzhinji kiyi system. IANA ine kiyi kubva kuRIR makiyi anogadzirwa, uye kubva kupi LIR makiyi anogadzirwa? yavanosaina nayo nzvimbo yekero vachishandisa ROAs - Route Origin Authorisation:

- Ndinokuvimbisa kuti chivakashure ichi chichaziviswa pachinzvimbo chedunhu rino rinozvitonga.

Pamusoro peROA, kune zvimwe zvinhu, asi zvakawanda nezvazvo gare gare. Zvinoita sechinhu chakanaka uye chinobatsira. Asi haitidziviriri kubva kumvura kubva paizwi rekuti "zvese" uye haigadzirise matambudziko ese nekubiwa kwe prefix. Naizvozvo, vatambi havasi kukurumidza kuzviita. Kunyangwe pachitova nevimbiso kubva kuvatambi vakuru vakaita seAT&T uye makambani makuru eIX ayo prefixes ane risingaite ROA rekodhi achadonhedzwa.

Zvichida vachaita izvi, asi ikozvino tine nhamba huru ye prefixes iyo isina kusaina chero nzira. Kune rimwe divi, hazvizivikanwe kana vakaziviswa zviri pamutemo. Kune rimwe divi, isu hatigone kuadonhedza nekukasira, nekuti isu hatina chokwadi chekuti izvi ndezvechokwadi here kana kwete.

Chii chimwe chiripo?

BGPSec. Ichi chinhu chinotonhorera icho nyanzvi dzakauya nacho kune network yepink poni. Vakati:

-Tine RPKI + ROA - dhizaini yekusimbisa nzvimbo siginecha yekero. Ngatigadzire yakaparadzana BGP hunhu toidaidza kuti BGPSec Path. Router yega yega inosaina neyayo siginicha zviziviso zvainozivisa kune vavakidzani vayo. Nenzira iyi isu tichawana nzira yakavimbika kubva kuketani yezviziviso zvakasainwa uye tichakwanisa kuzvitarisa.

Zvakanaka muchirevo, asi mukuita kune matambudziko akawanda. BGPSec inotyora akawanda aripo eBGP makanika ekusarudza anotevera-hops uye kutonga inouya / inobuda traffic zvakananga parouter. BGPSec haishande kusvika 95% yemusika wese yazviita, iyo pachayo iri utopia.

BGPSec ine matambudziko makuru ekuita. Pane yazvino hardware, kumhanya kwekutarisa zviziviso kunosvika makumi mashanu prefixes pasekondi. Kuenzanisa: tafura yeInternet yazvino ye50 prefixes ichaiswa mumaawa mashanu, panguva iyo ichachinja 700 dzimwe nguva.

BGP Open Policy (Basa-based BGP). Chikumbiro chitsva chakavakirwa pamuenzaniso Gao-Rexford. Aya masayendisiti maviri ari kuongorora BGP.

Iyo Gao-Rexford modhi yakaita seiyi. Kurerutsa, neBGP kune nhamba diki yemhando dzekudyidzana:

  • Provider Mutengi;
  • P2P;
  • kutaurirana kwemukati, taura iBGP.

Zvichienderana nebasa reiyo router, zvave kutogoneka kugovera mamwe marongero ekunze / ekunze nekusarudzika. Mutungamiri haafaniri kugadzirisa mazita ekutanga. Zvichienderana nebasa iro marouters anobvumirana pakati pavo uye anogona kusetwa, isu tatogamuchira mamwe mafirita akasarudzika. Uku ndiko kunyorwa kuri kukurukurwa muIETF. Ndinovimba kuti munguva pfupi tichaona izvi muchimiro cheRFC uye kuita pane Hardware.

Vakuru veInternet vanopa

Ngatitarisei muenzaniso weanopa CenturyLink. Ndiyo yechitatu yakakura kwazvo mupi weUS, inoshandira 37 nyika uye ine gumi neshanu nzvimbo dzedata. 

Muna Zvita 2018, CenturyLink yaive pamusika weUS kwemaawa makumi mashanu. Munguva yechiitiko ichi, pakanga paine matambudziko nekushanda kweATM mumatunhu maviri, uye nhamba ye50 yakanga isingashande kwemaawa akati wandei mumatunhu mashanu. Iyo lottery muIdaho yakaparadzwa zvachose. Chiitiko ichi parizvino chiri kuferefetwa neUS Telecommunications Commission.

Chikonzero chenjodzi yaive imwe network network mune imwe data center. Iyo kadhi haina kushanda zvakanaka, yakatumira mapaketi asiri iwo, uye ese gumi nemashanu emupi wedhata nzvimbo dzakadzika.

Sei Indaneti ichiri paIndaneti?

Pfungwa iyi haina kushanda kumupi uyu "yakanyanya kudonha". Pfungwa iyi haishande zvachose. Iwe unogona kutora chero mutambi mukuru uye woisa zvimwe zvinhu zvidiki pamusoro. IUS ichiri kuita zvakanaka nekubatanidza. CenturyLink vatengi vaive nenzvimbo yekuchengetera vakapinda mairi mumapoka. Ipapo vamwe vashandisi vakanyunyuta nezvekuti malink avo ari kuwandirwa.

Kana iyo mamiriro Kazakhtelecom akadonha, nyika yese ichasara isina Internet.

Makambani

Pamwe Google, Amazon, FaceBook nemamwe makambani anotsigira Internet? Kwete, vanochityorawo.

Muna 2017 muSt. Petersburg pamusangano weENOG13 Jeff Houston kubva APnic kuunzwa shuma "Kufa kweTransit". Inoti isu takajaira kudyidzana, kuyerera kwemari uye traffic paInternet yakamira. Isu tine vadiki vanopa vanobhadhara yekubatanidza kune makuru, uye ivo vanotobhadhara yekubatanidza kune yepasi rose.

Sei Indaneti ichiri paIndaneti?

Iye zvino tine chimiro chakadaro chakatwasuka. Zvese zvingave zvakanaka, asi nyika iri kuchinja - vatambi vakuru vari kuvaka tambo dzavo dze transoceanic kuti vazvivakire vega musana.

Sei Indaneti ichiri paIndaneti?
Nhau nezveCDN tambo.

Muna 2018, TeleGeography yakaburitsa chidzidzo chekuti inopfuura hafu yetraffic paInternet haisisiri iyo Internet, asi iyo backbones CDN yevatambi vakuru. Iyi ndiyo traffic ine hukama neInternet, asi iyi haisisiri network yataitaura nezvayo.

Sei Indaneti ichiri paIndaneti?

Indaneti iri kupatsanurwa kuita seti hombe yemanetiweki akasununguka.

Microsoft ine network yayo, Google ine yayo, uye vane zvishoma kupindirana kune mumwe nemumwe. Traffic yakatanga kumwe kuU.SA inopfuura nemumakombi eMicrosoft mhiri kwegungwa kuenda kuEurope kumwe paCDN, ipapo kuburikidza neCDN kana IX inobatana nemupi wako uye inosvika kune yako router.

Decentralization iri kupera.

Uku kusimba kweInternet, uko kuchaibatsira kupona nekuputika kwenyukireya, kuri kurasika. Nzvimbo dzekusangana kwevashandisi uye traffic dzinoonekwa. Kana iyo Google Cloud inomisikidzwa ikadonha, pachave nevazhinji vanobatwa kamwechete. Isu takanzwa izvi muchikamu apo Roskomnadzor yakavharira AWS. Uye muenzaniso weCenturyLink unoratidza kuti kunyange zvinhu zvidiki zvakakwana kune izvi.

Kare, kwete zvose uye havasi vose vakaputsika. Mune ramangwana, tinogona kusvika kumhedziso yokuti nekufurira mumwe mutambi mukuru, tinogona kuputsa zvinhu zvakawanda, munzvimbo dzakawanda uye muvanhu vakawanda.

States

Nyika dzinotevera mumutsara, uye izvi ndizvo zvinowanzoitika kwavari.

Sei Indaneti ichiri paIndaneti?

Pano Roskomnadzor yedu haisi kana piyona zvachose. Muitiro wakafanana wekuvharwa kweInternet uripo muIran, India, nePakistan. MuEngland kune bhiri pamusoro pekugona kuvhara Indaneti.

Chero nyika yakakura inoda kuwana switch yekudzima Internet, ingave yakakwana kana muzvikamu: Twitter, Telegraph, Facebook. Hazvirevi kuti havanzwisisi kuti havazombofi vakabudirira, asi vanochida chaizvo. Shanduko inoshandiswa, sekutonga, nekuda kwezvematongerwo enyika - kubvisa vakwikwidzi vezvematongerwo enyika, kana sarudzo dzave kusvika, kana maRussia hackers akatyora chimwe chinhu zvakare.

DDoS inorwisa

Ini handisi kuzobvisa chingwa kubva kune shamwari dzangu kubva kuQrator Labs, vanozviita zvirinani kupfuura ini. Vakadaro mushumo wegore paInternet kugadzikana. Uye izvi ndizvo zvavakanyora mumushumo we2018.

Ivhareji yenguva yekurwiswa kweDDoS inodonha kusvika maawa 2.5. Vanorwisa vanotangawo kuverenga mari, uye kana zviwanikwa zvisingawaniki pakarepo, zvino vanokurumidza kuisiya.

Kunyanya kurwiswa kuri kuwedzera. Muna 2018, takaona 1.7 Tb/s pane Akamai network, uye uyu hausi muganho.

Mavekita matsva ekurwisa ari kubuda uye ekare ari kuwedzera. Maprotocol matsva ari kubuda ayo anogona kukwidziridzwa, uye kurwiswa kutsva kuri kubuda pamaprotocol aripo, kunyanya TLS nezvimwe zvakadaro.

Yakawanda yetraffic inobva kune nharembozha. Panguva imwecheteyo, traffic yeInternet inoshanduka kune vatengi venhare. Vese vanorwisa nevanodzivirira vanofanirwa kugona kushanda neizvi.

Isingakuvadzi - kwete. Iyi ndiyo pfungwa huru - hapana kuchengetedzwa kwepasirese kunozo chengetedza kubva kune chero DDoS.

Iyo system haigone kuiswa kunze kwekunge yakabatana neInternet.

Ndinovimba ndakutyai zvakakwana. Ngatifungei kuti toita sei nezvazvo.

Kuita sei?!

Kana uine nguva yekusununguka, chido uye ruzivo rweChirungu, tora chikamu mumapoka anoshanda: IETF, RIPE WG. Aya ndiwo mazita akazaruka etsamba, kunyorera kune zvinyorwa zvetsamba, kutora chikamu munhaurirano, huya kumisangano. Kana uine chimiro cheLIR, unogona kuvhota, semuenzaniso, muRIPE pamatanho akasiyana.

Kuvanhuwo zvavo izvi ndizvo monitoring. Kuziva kuti chii chakatyoka.

Monitoring: chii chekutarisa?

Normal Ping, uye kwete chete cheki yebhinari - inoshanda kana kwete. Rekodha RTT munhoroondo kuitira kuti utarise zvinokanganisa gare gare.

Traceroute. Ichi chirongwa chekushandisa chekutarisa nzira dzedhata paTCP/IP network. Inobatsira kuona anomalies uye blockages.

HTTP inoongorora maURL akasarudzika uye zvitupa zveTLS ichabatsira kuona kuvharika kana DNS spoofing yekurwiswa, chiri chinhu chimwe chete. Kuvhara kunowanzoitwa neDNS spoofing uye nekushandura traffic kune stub peji.

Kana zvichikwanisika, tarisa zvakatemwa nevatengi vako nezvekwaunobva kunzvimbo dzakasiyana kana uine application. Izvi zvinokubatsira kuona DNS kubira anomalies, chimwe chinhu icho vanopa dzimwe nguva vanoita.

Monitoring: kupi kutarisa?

Hapana mhinduro yepasi rose. Tarisa kuti mushandisi ari kubva kupi. Kana vashandisi vari muRussia, tarisa kubva kuRussia, asi usazviremekedze pazviri. Kana vashandisi vako vachigara munzvimbo dzakasiyana, tarisa kubva kumatunhu aya. Asi zviri nani kubva kumativi ose enyika.

Monitoring: chii chekutarisa?

Ndakawana nzira nhatu. Kana iwe uchiziva zvakawanda, nyora mumashoko.

  • RIPE Atlas.
  • Commercial monitoring.
  • Yako wega network yevirtual machines.

Ngatitaure nezvemumwe nemumwe wavo.

RIPE Atlas - ibhokisi duku rakadaro. Kune avo vanoziva mudzimba "Inspector" - iri ndiro bhokisi rimwe chete, asi neine sticker yakasiyana.

Sei Indaneti ichiri paIndaneti?

RIPE Atlas chirongwa chemahara. Iwe unonyoresa, gamuchira router netsamba uye uiise kunetiweki. Nekuda kwekuti mumwe munhu anoshandisa sampuli yako, iwe unowana mamwe makiredhiti. Nezvikwereti izvi unogona kuita tsvakiridzo iwe pachako. Unogona kuyedza nenzira dzakasiyana: ping, traceroute, tarisa zvitupa. Kufukidzwa kwakakura kwazvo, kune ma node akawanda. Asi pane nuances.

Iyo kiredhiti system haibvumiri kuvaka zvigadziriso zvekugadzira. Hapazovi nezvikwereti zvakakwana zvekuenderera mberi kutsvagisa kana kutengeserana kutarisa. Iwo makiredhiti akakwana pakudzidza kwenguva pfupi kana cheki yenguva imwe chete. Chimiro chezuva nezuva kubva kumuenzaniso mumwe chinopedzwa ne1-2 cheki.

Coverage haina kuenzana. Sezvo chirongwa ichi chiri chemahara mumativi ese, kufukidzwa kwakanaka muEurope, muEurope chikamu cheRussia uye mamwe matunhu. Asi kana iwe uchida Indonesia kana New Zealand, saka zvese zvanyanya kuipa - iwe unogona kunge usina makumi mashanu emasampuli munyika.

Iwe haugone kutarisa http kubva kumuenzaniso. Izvi zvinokonzerwa nehunyanzvi nuances. Vanovimbisa kuigadzirisa mushanduro itsva, asi ikozvino http haigoni kuongororwa. Chete chitupa chinogona kusimbiswa. Imwe mhando ye http cheki inogona kuitwa chete kune yakakosha RIPE Atlas mudziyo unonzi Anchor.

Yechipiri nzira ndeyekutengesa kutarisa. Zvese zvakanaka naye, uri kubhadhara mari, handiti? Ivo vanokuvimbisa akati wandei kana mazana emapoinzi ekutarisa pasirese uye kudhirowa madhibhodhi akanaka kubva mubhokisi. Asi, zvakare, kune matambudziko.

Inobhadharwa, kune dzimwe nzvimbo zvakanyanya. Ping monitoring, cheki pasi rese, uye yakawanda ye http cheki inogona kuita zviuru zvemadhora pagore. Kana mari ichibvumidza uye iwe uchida mhinduro iyi, enda mberi.

Kuvhara kunogona kunge kusina kukwana munharaunda yekufarira. Iine ping imwe chete, iyo yakawanda yeabstract chikamu chenyika inotsanangurwa - Asia, Europe, North America. Rare monitoring masisitimu anogona kudonha achienda kune imwe nyika kana dunhu.

Hutsigiro husina kusimba hwebvunzo dzetsika. Kana iwe uchida chimwe chinhu chetsika, uye kwete kungoita "curly" pane url, saka kune matambudziko nazvo zvakare.

Nzira yechitatu ndeyekutarisa kwako. Ichi chinyakare: "Ngatinyorei zvedu!"

Kutarisa kwako kunoshanduka kuita kugadzirwa kwechigadzirwa chesoftware, uye chakagoverwa. Iwe uri kutsvaga mupi wezvivakwa, tarisa maitiro ekuisa uye nekuiongorora - kutarisa kunoda kutariswa, handiti? Uye rutsigiro runodiwawo. Funga kagumi usati watora izvi. Zvingave nyore kubhadhara mumwe munhu kuti akuitire iwe.

Monitoring BGP anomalies uye DDoS kurwisa

Pano, zvichienderana nezviwanikwa zviripo, zvese zviri nyore. BGP anomalies inowonekwa uchishandisa hunyanzvi masevhisi seQRadar, BGPmon. Ivo vanogamuchira tafura yekuona yakazara kubva kune akawanda anoshanda. Zvichienderana nezvavanoona kubva kune vakasiyana-siyana vanoshanda, vanogona kuona anomalies, tsvaga amplifiers, zvichingodaro. Kunyoresa kunowanzo kuve kwemahara - iwe unoisa nhamba yako yefoni, kunyorera kune email zviziviso, uye sevhisi ichakuzivisa iwe kumatambudziko ako.

Kuongorora DDoS kurwiswa kuri nyore zvakare. Kazhinji izvi ndizvo NetFlow-yakavakirwa uye matanda. Kune specialized masisitimu akadai FastNetMon, modules for Yakashata. Sekuita kwekupedzisira, kune wako DDoS mupi wekudzivirira. Inogona zvakare kuvuza NetFlow uye, zvichibva pairi, inokuzivisa iwe nezvekurwiswa munzira yako.

zvakawanikwa

Usave nekunyepedzera - iyo Internet ichatsemuka. Kwete zvese uye kwete munhu wese achaputsa, asi zviuru gumi nezvina zviitiko muna 14 zvinoratidza kuti pachava nezviitiko.

Basa rako nderekuona matambudziko nekukurumidza sezvinobvira. Zvirinani, pasina nguva pane mushandisi wako. Kwete chete zvakakosha kucherechedza, nguva dzose chengeta "Chirongwa B" chakachengetwa. Chirongwa izano rezvauchaita kana zvese zvaparara.: kuchengetedza vashandisi, DC, CDN. Chirongwa irondedzero yakaparadzana yaunotarisa nayo basa rezvose. Urongwa hunofanirwa kushanda pasina kubatanidzwa kwevanjiniya venetiweki, nekuti kazhinji pane vashoma uye vanoda kurara.

Ndizvo zvose. Ndinoshuva iwe kuwanikwa kwepamusoro uye kutarisa kwakasvibira.

Vhiki rinouya muNovosibirsk kupenya kwezuva, kukwira uye kuwanda kwevagadziri vanotarisirwa HighLoad++ Siberia 2019. MuSiberia, kumberi kwemishumo pamusoro pekutarisa, kuwanikwa uye kuyedzwa, chengetedzo uye manejimendi inofanotaurwa. Kunaya kunotarisirwa muchimiro chemavara akanyorwa, networking, mafoto uye zvinyorwa pasocial network. Isu tinokurudzira kumisa zviitiko zvese munaJune 24 uye 25 uye kubhuka matikiti. Takakumirira muSiberia!

Source: www.habr.com

Voeg