ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > Siideynta KnotDNS 3.0.0 server DNS

Siideynta KnotDNS 3.0.0 server DNS

la daabacay sii daayo KnotDNS 3.0.0, Adeegga DNS ee awood-sare leh (recursor-ka waxaa loo qaabeeyey codsi gooni ah) kaas oo taageera dhammaan awoodaha DNS casriga ah. Mashruuca waxaa soo saaraya Czech name registry CZ.NIC, oo ku qoran C iyo qaybiyey shatiga ku haysta GPLv3.

KnotDNS waxaa lagu kala soocaa iyada oo diiradda saareysa habaynta weydiinta waxqabadka sare, taas oo ay u isticmaasho hirgelinta taxane badan oo inta badan aan xannibin taas oo si fiican u miisaanaysa nidaamyada SMP. Astaamaha sida ku-darka iyo tirtirida aagagga duulista, wareejinta aagagga u dhexeeya server-yada, DDNS (cusbooneysii firfircoonida), NSID (RFC 5001), EDNS0 iyo kordhinta DNSSEC (oo ay ku jiraan NSEC3), xaddididda heerka jawaabta (RRL) ayaa la bixiyaa.

Siideynta cusub:

  • Lagu daray qaab shabakadeed waxqabad sare leh, oo la hirgeliyay iyadoo la isticmaalayo nidaamka hoose XDP (eXpress Data Path), kaas oo siiya agabka habaynta baakadaha heerka darawalka shabakada ka hor inta aan lagu farsamayn kaydinta shabakada kernel Linux. Si loo isticmaalo qaabka, Linux kernel 4.18 ama wixii ka dambeeya ayaa loo baahan yahay.
  • Taageero lagu daray Aagaga Buugaagta, taasoo sahlaysa in la ilaaliyo server-yada DNS-ka sare. Marka sifadan la furo, halkii lagu qeexi lahaa diiwaanka aaga sare ee server-ka sare, liiska aagga ayaa loo wareejinayaa inta u dhaxaysa server-yada aasaasiga ah iyo kan sare, ka dib aagagga laga sameeyay server-ka aasaasiga ah oo lagu calaamadeeyay sida lagu daray buug-yaraha si toos ah lagu abuuray server-ka sare iyada oo aan loo baahnayn in wax laga beddelo qaabaynta faylasha. Utility kcatalogprint waxaa loo soo jeediyay maaraynta buugaagta.
  • Lagu daray qaab xaqiijinta DNSSEC cusub.
  • Lagu daray kzonesign utility si ay gacanta ugu soo saarto saxeexyada dhijitaalka ah ee DNSSEC.
  • Lagu daray utility kxdpgun oo leh hirgelinta waxqabadka sare ee "DNS over UDP" taraafikada Linux.
  • kdig wuxuu ku daraa taageerada DNS ee HTTPS (DoH), oo lagu fuliyay iyadoo la adeegsanayo GnuTLS iyo libnghttp2.
  • Taageero lagu daray gacanta DNSSEC maamulka muhiimka ah heerka ka noqoshada furayaasha KSK (furaha saxeexa furaha)RFC 5011).
  • Taageero lagu daray jiilka go'aaminta saxeexyada dhijitaalka ah iyadoo la isticmaalayo algorithms ECDSA (waxay u baahan tahay GnuTLS 3.6.10 iyo ka dib si ay u shaqeyso).
  • Hab nabdoon oo lagu kaydiyo laguna soo celiyo xogta aaga DNS ayaa la soo jeediyay.
  • Waxqabadka moduleka "statistics" si weyn ayaa loo hagaajiyay.
  • Markaad awood u siiso qaabka isku xiran ee soo saarista saxeexyada dhijitaalka ah ee aagagga DNS, isbarbardhigga hawlgallada dheeraadka ah ee aagagga ayaa la hubiyaa.
  • Waxtarka kaydinta oo la hagaajiyay iyo waxqabadka weydiinta oo la hagaajiyay.

Source: opennet.ru

Add a comment