Ukubambezeleka kwe-DNS ephantsi ngundoqo kukhangelo lwe-intanethi olukhawulezayo. Ukuyinciphisa, kubalulekile ukukhetha ngokucophelela iiseva ze-DNS kunye . Kodwa inyathelo lokuqala kukususa imibuzo engenamsebenzi.
Kungenxa yoko le nto i-DNS yayiyilwe ekuqaleni njengeprotocol egcinwe kakhulu. Abalawuli bommandla babeka ixesha lokuphila (TTL) kumangenelo angawodwa, kwaye abasombululi basebenzisa olu lwazi xa begcina amangeno kwinkumbulo ukuphepha ukugcwala okungeyomfuneko.
Ngaba i-caching iyasebenza? Kwiminyaka embalwa edlulileyo, uphando lwam oluncinci lubonise ukuba alufezekanga. Makhe sijonge imeko yangoku yemicimbi.
Ukuqokelela ulwazi ndipeyishile ukugcina ixabiso le-TTL lempendulo. Ichazwa njengeyona TTL encinci yeerekhodi zayo kwisicelo ngasinye esingenayo. Oku kunika umbono olungileyo wokusasazwa kwe-TTL yetrafikhi yokwenyani, kwaye ithathela ingqalelo ukuthandwa kwezicelo zomntu ngamnye. Inguqulelo ekhutshiweyo yomncedisi isebenze iiyure ezininzi.
Iseti yedatha ephumayo ineerekhodi eziyi-1 (igama, qtype, TTL, isitampu sexesha). Nalu unikezelo lwe-TTL lulonke (i-X-axis yi-TTL kwimizuzwana):
Ngaphandle kwe-bump encinci kwi-86 (ubukhulu becala kwiirekhodi ze-SOA), kucacile ukuba ii-TTL zikuluhlu oluphantsi. Masijonge ngakumbi:
Kulungile, ii-TTL ezinkulu kuneyure enye azibalulekanga ngokwezibalo. Emva koko masiqwalasele kuluhlu 1β0:
Uninzi lwe-TTL lusuka kwi-0 ukuya kwimizuzu eyi-15:
Uninzi lusuka kwi-0 ukuya kwimizuzu emi-5:
Akulunganga kakhulu.
Ukusasazwa okongezelekayo kwenza ingxaki icace ngakumbi:
Isiqingatha seempendulo ze-DNS zine-TTL ye-1 umzuzu okanye ngaphantsi, kwaye ikota ezintathu zine-TTL yemizuzu emi-5 okanye ngaphantsi.
Kodwa linda, imbi kakhulu. Ngapha koko, le yi-TTL evela kwiiseva ezigunyazisiweyo. Nangona kunjalo, abaxazululi beklayenti (umzekelo, iirotha, ii-cache zendawo) bafumana i-TTL evela kwizisombululi eziphezulu, kwaye iyancipha isekhondi nganye.
Ke umxhasi unokusebenzisa ingeniso nganye, ngokomyinge, isiqingatha se-TTL yoqobo phambi kokuba athumele isicelo esitsha.
Mhlawumbi ezi TTL ziphantsi kakhulu zisebenza kuphela kwizicelo ezingaqhelekanga kwaye hayi iiwebhusayithi ezidumileyo kunye neeAPI? Makhe sijonge:
I-X i-axis yi-TTL kunye ne-Y i-axis yombuzo wokuthandwa.
Ngelishwa, eyona mibuzo idumileyo ikwayeyona imbi kakhulu kwi-cache.
Masisondele kakhulu:
Sigqibo: kubi nyani. Kwakusele kubi ngaphambili, kodwa kwanda ngakumbi. I-caching ye-DNS iye yaba yinto engento. Njengoko abantu abambalwa basebenzisa isisombululo se-DNS se-ISP yabo (ngezizathu ezilungileyo), ukwanda kwe-latency kubonakala ngakumbi.
I-caching ye-DNS ibe luncedo kuphela kumxholo ekungekho mntu undwendwela.
Nceda uqaphele ukuba isoftware inako tolika iiTTL eziphantsi.
Kutheni kunjalo
Kutheni iirekhodi ze-DNS zisetelwe kwi-TTL ephantsi kangaka?
- Izilinganisi zomthwalo welifa ziye zashiywa noseto olungagqibekanga.
- Kukho iintsomi ukuba ukulinganisa komthwalo we-DNS kuxhomekeke kwi-TTL (oku akuyonyani - ukususela kwimihla ye-Netscape Navigator, abathengi bakhethe idilesi ye-IP engahleliweyo kwiseti ye-RRs kwaye bazama ngokucacileyo enye ukuba abakwazi ukudibanisa)
- Abalawuli bafuna ukufaka utshintsho ngokukhawuleza, ngoko kulula ukucwangcisa.
- Umlawuli weseva ye-DNS okanye ibhalansi yomthwalo ubona umsebenzi wakhe njengosebenzisa ngokufanelekileyo ubumbeko olucelwa ngabasebenzisi, kwaye ungakhawulezisi iisayithi kunye neenkonzo.
- Ii-TTL eziphantsi zikunika uxolo lwengqondo.
- Abantu baqale babeke ii-TTL eziphantsi zovavanyo kwaye balibale ukuzitshintsha.
Khange ndifake "failover" kuluhlu kuba iya isiba ncinci. Ukuba ufuna ukuhambisa abasebenzisi kwenye inethiwekhi ukubonisa nje iphepha lempazamo xa yonke enye into yophukile, ukulibaziseka okungaphezulu komzuzu omnye kwamkelekile.
Ukongezelela, i-TTL yomzuzu omnye ithetha ukuba ukuba iiseva ze-DNS ezigunyazisiweyo zivaliwe ngaphezu komzuzu we-1, akukho mntu uya kukwazi ukufikelela kwiinkonzo ezixhomekeke kuyo. Kwaye ukungafuneki akusayi kunceda ukuba unobangela yimpazamo yoqwalaselo okanye i-hack. Ngakolunye uhlangothi, ngee-TTL ezinengqiqo, abathengi abaninzi baya kuqhubeka nokusebenzisa uqwalaselo lwangaphambili kwaye bangaze baqaphele nantoni na.
Iinkonzo ze-CDN kunye nabalinganisi bomthwalo ubukhulu becala babekek' ityala kwii-TTL eziphantsi, ngakumbi xa zidibanisa ii-CNAME ezine-TTL eziphantsi kunye neerekhodi ezinee-TTL eziphantsi ngokulinganayo (kodwa ezizimeleyo):
$ drill raw.githubusercontent.com raw.githubusercontent.com. 9 IN CNAME github.map.fastly.net. github.map.fastly.net. 20 IN A 151.101.128.133 github.map.fastly.net. 20 IN A 151.101.192.133 github.map.fastly.net. 20 IN A 151.101.0.133 github.map.fastly.net. 20 IN A 151.101.64.133
Nanini na i-CNAME okanye naziphi na iirekhodi ze-A ziphelelwa, isicelo esitsha kufuneka sithunyelwe. Zombini zine TTL yesibini engama-30, kodwa ayifani. Owona mndilili we-TTL uya kuba yimizuzwana eyi-15.
Kodwa yima! Kubi nangakumbi. Abanye abasombululi baziphatha kakubi kakhulu kule meko ngee-TTL ezimbini ezinxulumeneyo:
$ drill raw.githubusercontent.com @ 4.2.2.2 krwada.githubusercontent.com. 1 KWI-CNAME github.map.fastly.net. github.map.fastly.net. 1 KWI-A 151.101.16.133
INqanaba lesi-3 lokusombulula mhlawumbi liqhuba kwi-BIND. Ukuba uyaqhubeka nokuthumela esi sicelo, i-TTL yesi-1 iya kuhlala ibuyiswa. raw.githubusercontent.com ayigcinwanga.
Nanku omnye umzekelo wemeko enjalo enedomeyini edume kakhulu:
$ drill detectportal.firefox.com @1.1.1.1 detectportal.firefox.com. 25 IN CNAME detectportal.prod.mozaws.net. detectportal.prod.mozaws.net. 26 IN CNAME detectportal.firefox.com-v2.edgesuite.net. detectportal.firefox.com-v2.edgesuite.net. 10668 IN CNAME a1089.dscd.akamai.net. a1089.dscd.akamai.net. 10 IN A 104.123.50.106 a1089.dscd.akamai.net. 10 IN A 104.123.50.88
Ubuncinci iirekhodi ezintathu ze-CNAME. Hayi. Omnye uneTTL ehloniphekileyo, kodwa ayinamsebenzi kwaphela. Ezinye ii-CNAME zine-TTL yokuqala yemizuzwana engama-60, kodwa imimandla akamai.net ubuninzi be-TTL yimizuzwana engama-20 kwaye akukho nanye ekwisigaba.
Kuthekani ngemimandla ehlala iphonononga izixhobo ze-Apple?
$ drill 1-courier.push.apple.com @4.2.2.2 1-courier.push.apple.com. 1253 IN CNAME 1.courier-push-apple.com.akadns.net. 1.courier-push-apple.com.akadns.net. 1 IN CNAME gb-courier-4.push-apple.com.akadns.net. gb-courier-4.push-apple.com.akadns.net. 1 IN A 17.57.146.84 gb-courier-4.push-apple.com.akadns.net. 1 IN A 17.57.146.85
Ingxaki efanayo neFirefox kunye ne-TTL ziya kubambeka kwisekondi enye ixesha elininzi xa usebenzisa i-Level1 solver.
I-Dropbox?
$ drill client.dropbox.com @ 8.8.8.8 client.dropbox.com. 7 KWI CNAME client.dropbox-dns.com. client.dropbox-dns.com. 59 KWI-A 162.125.67.3 $ drill client.dropbox.com @ 4.2.2.2 client.dropbox.com. 1 IN CNAME client.dropbox-dns.com. client.dropbox-dns.com. 1 IN A 162.125.64.3
Kwirekhodi safebrowsing.googleapis.com Ixabiso le-TTL yimizuzwana ye-60, njengemimandla ye-Facebook. Kwaye, kwakhona, ngokwembono yomxhasi, la maxabiso aqingqwa.
Kuthekani ngokuseta ubuncinci be-TTL?
Ndisebenzisa igama, uhlobo lwesicelo, i-TTL, kunye nesitampu sexesha esigciniweyo ekuqaleni, ndibhale iskripthi ukulinganisa izicelo ze-1,5 yezigidi ezidlula kwi-caching solver ukuqikelela umthamo wezicelo ezingeyomfuneko ezithunyelwe ngenxa yokungena kwe-cache ephelelwe lixesha.
I-47,4% yezicelo yenziwe emva kokuba irekhodi ekhoyo iphelelwe lixesha. Oku kuphezulu ngokungekho ngqiqweni.
Iya kuba yintoni impembelelo kwi-caching ukuba i-TTL encinci iseti?
I-X axis ngowona maxabiso asezantsi e-TTL. Iirekhodi ezinomthombo we-TTL ngaphezulu kweli xabiso azichaphazeleki.
I-axis ye-Y yipesenti yezicelo ezivela kumxhasi osele enengeniso egciniweyo, kodwa iphelelwe lixesha kwaye yenza isicelo esitsha.
Isabelo sezicelo βezongezelelweyoβ sincitshisiwe ukusuka kwi-47% ukuya kwi-36% ngokumisela nje ubuncinci be-TTL ukuya kwimizuzu emi-5. Ngokumisela ubuncinane be-TTL kwimizuzu eyi-15, inani lezi zicelo lehla ukuya kuma-29%. Ubuncinci be-TTL yeyure enye iyabanciphisa baye kwi-1%. Umahluko obalulekileyo!
Kunjani malunga nokungatshintshi nantoni na kwicala lomncedisi, kodwa endaweni yoko usete i-TTL encinci kumxhasi we-DNS cache (iirutha, izisombululi zasekhaya)?
Inani lezicelo ezifunekayo lehla ukusuka kwi-47% ukuya kwi-34% kunye ne-TTL ubuncinane yemizuzu emi-5, ukuya kwi-25% ubuncinane bemizuzu eyi-15, kunye ne-13% ubuncinane beyure enye. Mhlawumbi imizuzu engama-1 ilungile.
Impembelelo yolu tshintsho luncinci lukhulu kakhulu.
Iyintoni imiphumo?
Ngokuqinisekileyo, inkonzo inokuhanjiswa kumnikezeli wefu omtsha, iseva entsha, inethiwekhi entsha, efuna ukuba abathengi basebenzise iirekhodi zeDNS zamva nje. Kwaye i-TTL encinci inceda ukwenza olo tshintsho ngokutyibilikayo nangokungabonwayo. Kodwa ngokutshintshela kwiziseko ezitsha, akukho mntu ulindele ukuba abathengi bafudukele kwiirekhodi ezintsha ze-DNS ngaphakathi komzuzu we-1, imizuzu emi-5, okanye imizuzu eyi-15. Ukumisela ubuncinane be-TTL kwimizuzu engama-40 endaweni yemizuzu emi-5 akuyi kubathintela abasebenzisi ekubeni bafikelele kwinkonzo.
Nangona kunjalo, oku kuya kunciphisa kakhulu ukubambezeleka kunye nokuphucula ubumfihlo kunye nokuthembeka ngokuphepha izicelo ezingeyomfuneko.
Kakade ke, ii-RFCs zithi i-TTL mayilandelwe ngokungqongqo. Kodwa inyaniso kukuba inkqubo ye-DNS iye yangasebenzi kakuhle.
Ukuba usebenza kunye neeseva ezigunyazisiweyo zeDNS, nceda ujonge iiTTL zakho. Ngaba ngokwenene uyawafuna amaxabiso aphantsi ngolo hlobo?
Ewe kunjalo, kukho izizathu ezilungileyo zokuseta iiTTL ezincinci kwiirekhodi zeDNS. Kodwa hayi kwi-75% yetrafikhi ye-DNS ehlala ingatshintshi.
Kwaye ukuba ngesizathu esithile ufuna ngokwenene ukusebenzisa ii-TTL ezisezantsi ze-DNS, kwangaxeshanye qinisekisa ukuba indawo yakho ayinakugcinwa kugcinwe. Ngezizathu ezifanayo.
Ukuba unendawo yokugcina indawo yeDNS esebenzayo, njenge ekuvumela ukuba ucwangcise ubuncinci bee TTL, sebenzisa lo msebenzi. Oku kulungile. Akukho nto imbi iya kwenzeka. Misela i-TTL encinci malunga nemizuzu engama-40 (2400 imizuzwana) kunye neyure enye. Uluhlu olufanelekileyo.
umthombo: www.habr.com