Inkampani yeCloudflare ingxelo ngesehlo sayizolo, esibangele ukusuka kwi-13: 34 ukuya kwi-16: 26 (MSK) bekukho iingxaki zokufikelela kwimithombo emininzi kwinethiwekhi yehlabathi, kubandakanywa neziseko ze-Cloudflare, i-Facebook, i-Akamai, i-Apple, i-Linode kunye ne-Amazon AWS. Iingxaki kwiziseko ze-Cloudflare, ezibonelela nge-CDN kwiindawo ze-16 yezigidi, ukusuka 14:02 ukuba 16:02 (MSK). I-Cloudflare iqikelela ukuba malunga ne-15% yetrafikhi yehlabathi yalahleka ngexesha lokucima.
Ingxaki yaba Ukuvuza komzila we-BGP, apho malunga ne-20 lamawaka izimaphambili ze-2400 networks zathi zathunyelwa ngendlela engalunganga. Umthombo wokuvuza yayingumboneleli woNxibelelwano we-DQE, owayesebenzisa isoftware ukwenza ngcono indlela. I-BGP Optimizer yahlula izimaphambili ze-IP zibe ezincinci, umzekelo ukwahlula i-104.20.0.0/20 ibe yi-104.20.0.0/21 kunye ne-104.20.8.0/21, kwaye ngenxa yoko, i-DQE Communications igcine kwicala layo inani elikhulu leendlela ezithile ezigqithisa ngaphezulu. iindlela eziqhelekileyo (okt endaweni yeendlela eziqhelekileyo eziya kwi-Cloudflare, iindlela ezingaphezulu zegranular ukuya kwii-subnets ezithile ze-Cloudflare zisetyenzisiwe).
Ezi ndlela zamanqaku zabhengezwa komnye wabaxumi (Allegheny Technologies, AS396531), naye wayenonxibelelwano ngomnye umnikezeli. I-Allegheny Technologies yasasaza iindlela ezinesiphumo komnye umboneleli wohambo (Verizon, AS701). Ngenxa yokunqongophala kohluzo olululo lwezaziso ze-BGP kunye nezithintelo kwinani lezimaphambili, iVerizon yasithatha esi sibhengezo kwaye yasasaza isiphumo se-20 samawaka ezimaphambili kwi-Intanethi iphela. Izimaphambili ezingachanekanga, ngenxa yobudubedube bazo, ziye zabonwa njengezona ziphambili ngokubaluleka njengoko indlela ethile inokubaluleka okuphezulu kunomgaqo jikelele.
Ngenxa yoko, itrafikhi yeenethiwekhi ezininzi ezinkulu zaqala ukuhanjiswa ngeVerizon ukuya kumnikezeli omncinci woNxibelelwano lwe-DQE, engazange ikwazi ukujongana nokunyuka kwetrafikhi, okukhokelele ekuweni (umphumo uthelekiswa nokutshintsha inxalenye yendlela ephithizelayo ene- indlela yelizwe).
Ukuthintela iziganeko ezifanayo ukuba zenzeke kwixesha elizayo
:
- Sebenzisa izibhengezo ezisekelwe kwi-RPKI (i-BGP Origin Validation, ivumela ukwamkela izibhengezo kuphela kubanini benethiwekhi);
- Ukunciphisa inani eliphezulu lezimaphambili ezifunyenweyo kuzo zonke iiseshoni ze-EBGP (ubuninzi beprefix setting inganceda ukulahla ngokukhawuleza usasazo lwe-20 amawaka ezimaphambili kwiseshoni enye);
- Faka isihluzo esisekwe kwirejistri ye-IRR (iRejistri yokuJonga kwi-Intanethi, imisela ii-ASes ekuvunyelwene ngazo ukuhanjiswa kwezimaphambili ezikhankanyiweyo);
- Sebenzisa iisetingi zokuvala ezingagqibekanga ezicetyiswayo kwi-RFC 8212 kwiirutha ('ukukhanyela okumiselweyo');
- Yeka ukusetyenziswa ngokungakhathali kwe-BGP optimizers.
umthombo: opennet.ru