DNS flag day 2020 initiative to address fragmentation and TCP support issues

Today, a number of major DNS services and DNS server vendors will hold a joint event, DNS flag day 2020, intended to focus attention on resolving problems with IP fragmentation when handling large DNS messages. This is the second such event; last year's "DNS flag day" focused on the correct handling of EDNS queries.

Participants in the DNS flag day 2020 initiative call for fixing the recommended EDNS buffer size at 1232 bytes (the MTU size of 1280 minus 48 bytes of headers), and for making the handling of queries over TCP a mandatory capability of servers. In RFC 1035 only support for handling queries over UDP is marked as mandatory, while TCP is listed as desirable but not required for operation. The newer RFC 7766 and RFC 5966 explicitly list TCP as a required capability for DNS to work correctly. The initiative proposes to force a switch from sending queries over UDP to using TCP in cases where the established EDNS buffer size is not sufficient.

The proposed changes will eliminate confusion over the choice of EDNS buffer size and solve the problem of fragmentation of large UDP messages, the handling of which often leads to packet loss and timeouts on the client side. On the client side, the EDNS buffer size will be constant, and large responses will be sent to the client over TCP right away. Avoiding the sending of large messages over UDP will also solve problems with large packets being dropped by some firewalls and will make it possible to block DNS cache poisoning attacks based on manipulating fragmented UDP packets (when a packet is split into fragments, the second fragment does not contain a header with an identifier, so it can be forged, for which it is enough only that the checksum matches).

Starting today, participating DNS providers, including CloudFlare, Quad 9, Cisco (OpenDNS) and Google, will gradually change the EDNS buffer size from 4096 to 1232 bytes on their DNS servers (the EDNS change will be spread over 4-6 weeks and will cover an increasing number of queries over time). Responses to UDP queries that do not fit within the new limit will be sent over TCP. DNS server vendors, including BIND, Unbound, Knot, NSD and PowerDNS, will release updates that change the default EDNS buffer size from 4096 bytes to 1232 bytes.

Ultimately, these changes may lead to resolution problems when accessing DNS servers whose UDP DNS responses exceed 1232 bytes and which cannot send a response over TCP. An experiment conducted at Google showed that changing the EDNS buffer size has no effect on the failure rate: with a 4096-byte buffer, the share of truncated UDP queries is 0.345% and the share of unreachable retries over TCP is 0.115%. With a 1232-byte buffer, these figures are 0.367% and 0.116%. Making TCP support a mandatory DNS capability will cause problems for about 0.1% of DNS servers. It is noted that under modern conditions the operation of these servers is unstable without TCP.

Administrators of authoritative DNS servers should make sure that their server responds over TCP on port 53 and that this TCP port is not blocked by a firewall. An authoritative DNS server should also not send UDP responses larger than the requested EDNS buffer size. On the server itself, the EDNS buffer size should be set to 1232 bytes. Resolvers have roughly the same requirements: the mandatory ability to respond over TCP, mandatory support for sending repeat queries over TCP when a truncated UDP response is received, and setting the EDNS buffer to 1232 bytes.
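One way an administrator could check a server against these requirements, as an added example that is not part of the original article: it sends the same query with a 1232-byte EDNS buffer over UDP and TCP and reports which requirement fails. The function names and the IPv4-only sockets are assumptions of this sketch.

```python
import socket
import struct

EDNS_BUFSIZE = 1232  # value from the article: 1280-byte MTU minus 48 bytes of headers

def build_query(name, qtype=1, bufsize=EDNS_BUFSIZE, qid=0x1234):
    """Build a DNS query whose OPT record advertises `bufsize` bytes of UDP payload."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)  # RD set, 1 question, 1 additional
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    question = qname + struct.pack("!HH", qtype, 1)  # class IN
    opt = b"\x00" + struct.pack("!HHIH", 41, bufsize, 0, 0)  # OPT RR: CLASS holds buffer size
    return header + question + opt

def is_truncated(response):  # TC bit is 0x0200 in the header flags
    return bool(struct.unpack("!H", response[2:4])[0] & 0x0200)

def exchange_udp(server, query, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return s.recvfrom(65535)[0]

def exchange_tcp(server, query, timeout=3.0):
    with socket.create_connection((server, 53), timeout=timeout) as s, s.makefile("rb") as f:
        s.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
        size = f.read(2)
        return f.read(struct.unpack("!H", size)[0]) if len(size) == 2 else b""

def classify(udp, tcp, bufsize=EDNS_BUFSIZE):
    """Return the flag day requirements that the two responses violate."""
    tcp_ok = tcp is not None and len(tcp) >= 12
    problems = [] if tcp_ok else ["no answer over TCP port 53"]
    if udp is None or len(udp) < 12:
        problems.append("no answer over UDP")
    elif len(udp) > bufsize:
        problems.append("UDP response larger than the advertised EDNS buffer")
    elif is_truncated(udp) and not tcp_ok:
        problems.append("truncated UDP response with no TCP fallback")
    return problems

def probe(server, name, qtype=1):  # server: IPv4 address (assumption of this sketch)
    query, answers = build_query(name, qtype), []
    for exchange in (exchange_udp, exchange_tcp):
        try:
            answers.append(exchange(server, query))
        except OSError:  # timeout, refused connection, unreachable host
            answers.append(None)
    return classify(*answers)
```

Calling `probe()` with the address of your own server and a name in one of its zones returns an empty list when both transports behave as described above.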

The following parameters are responsible for setting the EDNS buffer size in various DNS servers:

  • BIND

    options {
        edns-udp-size 1232;
        max-udp-size 1232;
    };

  • Knot DNS

    max-udp-payload: 1232

  • Knot Resolver

    net.bufsize(1232)

  • PowerDNS Authoritative

    udp-truncation-threshold=1232

  • PowerDNS Recursor

    edns-outgoing-bufsize=1232
    udp-truncation-threshold=1232

  • Unbound

    edns-buffer-size: 1232

  • NSD

    ipv4-edns-size: 1232
    ipv6-edns-size: 1232

    Source: opennet.ru
