Kuburitswa kweiyo caching DNS server PowerDNS Recursor 4.6 iripo, iyo ine basa rekudzokorora zita rekugadzirisa. PowerDNS Recursor yakavakirwa pane imwecheteyo kodhi base sePowerDNS Authoritative Server, asi PowerDNS inodzokororwa uye ine chiremera DNS maseva anogadzirwa kuburikidza neakasiyana ekusimudzira uye anoburitswa sezvigadzirwa zvakasiyana. Iyo kodhi yeprojekiti yakagoverwa pasi peGPLv2 rezinesi.
Sevha inopa maturusi ekuunganidzira kure kwenhamba, inotsigira kutangazve ipapo, ine yakavakirwa-mukati injini yekubatanidza vanobata mumutauro weLua, inotsigira zvizere DNSSEC, DNS64, RPZ (Response Policy Zones), uye inokutendera kuti ubatanidze blacklists. Zvinogoneka kurekodha mhinduro senge BIND zone mafaera. Kuve nechokwadi chekuita kwepamusoro, nzira dzemazuva ano dzekubatanidza nzira dzinoshandiswa muFreeBSD, Linux uye Solaris (kqueue, epoll, /dev/poll), pamwe nepamusoro-inoita DNS packet parser inokwanisa kugadzirisa makumi ezviuru zvezvikumbiro zvakafanana.
Mushanduro itsva:
- Yakawedzera "Zone kuCache" basa, iro rinokutendera kuti utore nguva nenguva yeDNS zone uye woisa zvirimo mu cache, kuitira kuti cache igare iri mu "hot" state uye ine data rakabatana nenzvimbo. Basa racho rinogona kushandiswa nechero rudzi rwenzvimbo, kusanganisira mudzi. Kutora nzvimbo kunogona kuitwa uchishandisa DNS AXFR, HTTP, HTTPS, kana kuburikidza nekurodha kubva kufaira renzvimbo.
- Zvinogoneka kuseta patsva zvinyorwa kubva kucache kana watambira zvikumbiro zvekuzivisa zvinouya.
- Yakawedzera rutsigiro rwekuvharidzira mafoni kumaseva eDNS uchishandisa DoT (DNS pamusoro peTLS). Nekumisikidza, DoT inogoneswa paunotsanangura port 853 yeDNS Forwarder kana paunonyora zvakajeka maseva eDNS kuburikidza neiyo dot-to-auth-mazita parameter. Kuongororwa kweSitifiketi hakusati kwaitwa, sekuchinjira otomatiki kuDoT nerutsigiro rwayo neDNS server (aya maficha anozogoneswa mushure mekubvumidzwa nekomiti yekumisikidza).
- Iyo kodhi yekumisikidza inobuda TCP yekubatanidza yakanyorwa patsva, uye kugona kushandisazve majoimani kwawedzerwa. Kuti ushandisezve TCP (uye DoT) zvinongedzo, zvinongedzo hazvichavharwe pakarepo mushure mekugadzirisa chikumbiro, asi zvinosiiwa zvakavhurika kwenguva yakati (maitiro anodzorwa neiyo tcp-out-max-idle-ms setting).
- Huwandu hweakaunganidzwa uye kutumirwa metrics ane nhamba uye ruzivo rwekutarisa masisitimu akawedzerwa.
- Yakawedzera chiitiko chekuyedza Chiitiko cheTracing chinokutendera iwe kuti uwane ruzivo rwakadzama nezve nguva yekuuraya yega yega nhanho yekugadzirisa.
Source: opennet.ru