ProHoster > Ibhulogi > iindaba ze-intanethi > Ukukhutshwa kwe-Kea 3.0 DHCP server, ephuhliswe yi-ISC consortium

Ukukhutshwa kwe-Kea 3.0 DHCP server, ephuhliswe yi-ISC consortium

I-ISC consortium ikhuphe iseva ye-Kea 3.0 DHCP, ethatha indawo ye-ISC DHCP yakudala. I-Kea 3.0 iphawulwe njengokukhululwa kokuqala okuza kubonelelwa ngomjikelezo wenkxaso wexesha elide (LTS) - ukuhlaziywa kuya kukhutshwa kwiminyaka emithathu. Ukhupho olutsha oluzinzileyo olubalulekileyo lucetywa ukuba lwenziwe rhoqo emva kweenyanga ezintandathu, endaweni yokuba kube kanye ngonyaka. Ikhowudi yomthombo weprojekthi ihanjiswa phantsi kwe-Mozilla Public License (MPL) 2.0, endaweni yeLayisensi ye-ISC eyayisetyenziswa ngaphambili kwi-ISC DHCP.

Iseva yeKea DHCP isekelwe kwitekhnoloji ye-BIND 10 kwaye yakhiwe kusetyenziswa uyilo lwemodyuli oluhlulahlula ukusebenza kwiinkqubo ezahlukeneyo zomphathi. Imveliso ibandakanya ukuphunyezwa kweseva esebenza ngokupheleleyo kunye nenkxaso yeenkqubo ze-DHCPv4 kunye ne-DHCPv6, ezikwaziyo ukuthatha indawo ye-ISC DHCP. IKea inezihlaziyo zeDynamic DNS ezidibeneyo kwaye ixhasa iindlela zokufumanisa. abancedisi, ukwabiwa kweedilesi, ukuhlaziywa kunye nokunxibelelana kwakhona, ukubonelela ngezicelo zolwazi, ukubhukisha iidilesi zeehost, kunye nokuqalisa i-PXE. Ukuphunyezwa kwe-DHCPv6 kukwabonelela ngokukwazi ukwabela izimaphambili.

Ulwazi malunga needilesi ezinikezelweyo kunye neeparitha zabaxhasi zingagcinwa kwiisitoreji ezahlukeneyo, umzekelo, ukubuyisela umva ukugcina kwiifayile ze-CSV, i-MySQL, i-Apache Cassandra kunye ne-PostgreSQL DBMS zinikezelwa. Iiparamitha zogcino zomamkeli zingacaciswa kwifayile yoqwalaselo kwifomathi ye-JSON okanye njengetafile kwi-MySQL kunye ne-PostgreSQL. Isixhobo se-perfdhcp sokulinganisa ukusebenza kweseva ye-DHCP kunye namacandelo okuqokelela izibalo zibandakanyiwe. I-API ekhethekileyo inikezelwa ukusebenzisana nezicelo zangaphandle. Uqwalaselo lunokuhlaziywa kubhabho ngaphandle kokuphinda uqalise umncedisi.

Uphuculo oluphambili kwi-Kea 3.0:

  • Uninzi lwamathala eencwadi alishumi elinesibini e-Kea anezibambi eziplagiweyo (iigwegwe), ezazikho ngaphambili phantsi kwelayisenisi yorhwebo, ziye zafuduselwa kwicandelo elivulekileyo nelisasazwa ngokukhululekileyo (kuphela iRBAC kunye ne-Configuration Backend handlers zihlala zirhweba, ngelixa i-12 eseleyo yabaphathi ivuliwe phantsi kwelayisensi ye-MPL 2.0). Inkqubo yokuhambisa i-pluggable handlers itshintshiwe - ithokheni yokufikelela ayisafuneki ukuba kufakwe. Amathala eencwadi avuliweyo aqukiwe kwindawo yogcino-mpepha ephambili enekhowudi yomthombo we-Kea kwaye ayafumaneka ukuze afakwe kwiindawo zokugcina ezisemthethweni ze-ISC.

    Izakhono ezibonelelwe ngabaphathi abavulekileyo ziquka: ukuguqulwa kweeklasi zabaxhasi be-DHCP ngaphandle kokuqalisa kwakhona iseva ye-DHCP, ukuhlaziya i-DDNS (Dynamic DNS) ngokumalunga nabathengi, isabelo esiguquguqukayo se-identifiers kubathengi, ukugcina iinkuni ezandisiweyo, usebenzisa i-GSS-TSIG yokuqinisekisa, iimpendulo ze-caching ezivela kwezinye iinginginya ze-MS, ukuhambisa umda we-DB kwi-hostening ye-DB. izicelo, i-ping-checking idilesi ngaphambi kokukhutshwa kubaxhasi, ukudibanisa kunye neeseva ze-RADIUS, ukulawula izicwangciso ze-subnet ngaphandle kokuqalisa kwakhona, kunye nenkxaso ye-DHCPv4 / DHCPv6 yokwandisa i-Leasequery. Abaphangi abavuliweyo banokusetyenziselwa ukuqwalasela i-subnets kunye nokugcinwa kwenginginya ngokusebenzisa ujongano lwewebhu yeNgwamza.

  • Iitshekhi ezongezelelweyo kunye nezixhasi zokhuseleko zongeziwe ngokusekelwe kubuthathaka obuchongiweyo kutshanje. Emva kokuphucula kwi-Kea 3.0, abalawuli baya kufuna ukuseta amagama ayimfihlo amatsha kwaye balungise ukhuseleko lokufikelela olukhuselekileyo kujongano lolawulo olukude.
  • Kongezwe inkxaso eyakhelwe-ngaphakathi ye-HTTP/TLS. I-Agent yoLawulo lwe-Kea (CA) ayisafuneki ukuba iququzelele ukufikelela kude, okwenza kube lula ukuseta. I-DHCPv4, i-DHCPv6, kunye ne-DHCP-DDNS iinkqubo zangasemva ngoku zinenkxaso eyakhelwe-ngaphakathi yokufikelela kwii-APIs nge-HTTP kunye ne-TLS ngaphandle kokusebenzisa i-Agent Control. I-Arhente yoLawulo lwe-Kea icwangciswe ukuba isuswe kukhupho oluzayo.
  • Ukuze kube lula ukufuduka kwi-ISC DHCP, ulwahlulo lwabaxumi lutshintshiwe. Ukukwazi ukongeza iinketho ekubopheleleni kumxhasi okanye i-subnet inikezelwe. Indlela yokuziphatha xa iinketho zelifa zisondezwe kwi-ISC DHCP.
  • I-DHCPv6 isebenzisa indlela yokubhalisa idilesi (RFC 9686) evumela, endaweni yokwabela umncedisi iidilesi, velisa idilesi kwicala lesixhobo usebenzisa i-SLAAC (Stateless Address Autoconfiguration), uze udlulisele ulwazi malunga nedilesi eyenziweyo kwiseva ye-DHCPv6.
  • Inkqubo yendibano iye yaphuculwa yaza yagqithiselwa ukusuka kwiZixhobo ze-Auto ukuya kwizixhobo zeMeson.
  • Ikhowudi yokuxhasa i-MySQL kunye ne-PostgreSQL yokugcina i-backends ihanjiswe kwiilayibrari ezahlukeneyo. Ezi mva azisafuneki ukuba kufakwe - ukuba i-MySQL kunye ne-PostgreSQL inkxaso ayifuni, i-Kea ayisafuni ukufakwa kwezinto ezixhomekeke kwi-DBMS.

umthombo: opennet.ru

Thenga ukusingathwa okuthembekileyo kwiindawo ezinokhuseleko lweDDoS, iiseva zeVPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekileyo ngokhuseleko lwe-DDoS, iiseva zeVPS VDS | ProHoster