ukukhutshwa kweseva ye-DNS enegunya , eyenzelwe ukuququzelela ukuhanjiswa kwemimandla ye-DNS. Ngu abaphuhlisi beprojekthi, i-PowerDNS Authoritative Server ikhonza malunga ne-30% yenani elipheleleyo leemimandla eYurophu (ukuba siqwalasela kuphela imimandla kunye neesignesha ze-DNSSEC, ngoko-90%). Ikhowudi yeprojekthi ilayisenisi phantsi kwe-GPLv2.
I-PowerDNS Authoritative Server inikeza amandla okugcina ulwazi lwesizinda kwiinkcukacha ezahlukeneyo, kuquka i-MySQL, i-PostgreSQL, i-SQLite3, i-Oracle, kunye ne-Microsoft SQL Server, kunye ne-LDAP kunye neefayile ezibhaliweyo ezicacileyo kwifomethi ye-BIND. Impendulo ingahluzwa ngakumbi (umzekelo, ukucoca i-spam) okanye iqondiswe ngokutsha ngokudibanisa abaphathi besiko kwiLua, Java, Perl, Python, Ruby, C kunye neC ++. Iimpawu zibandakanya izixhobo zokuqokelela okude kwezibalo, kubandakanywa nge-SNMP okanye nge-Web API (iseva ye-HTTP yakhiwe kwizibalo kunye nolawulo), ukuqalisa kwakhona ngokukhawuleza, injini eyakhelweyo yokudibanisa abaphathi ngolwimi lwesiLua, ukukwazi ukulayisha ibhalansi. kuthathelwa ingqalelo indawo yomthengi .
Siseko :
- Uphawu olongeziweyo iirekhodi kunye nabaphathi ngolwimi lwesiLua, ngoncedo apho unokudala abaphathi abanobuchule abathatha ingqalelo ye-AS, i-subnets, ukusondela kumsebenzisi, njl. xa ubuyisela idatha. Inkxaso yeerekhodi zeLua iphunyeziwe kuzo zonke iindawo zokugcina, kuquka i-BIND kunye ne-LMDB. Umzekelo, ukuthumela idatha ethathela ingqalelo ukujonga ngasemva kokufumaneka kwenginginya kuqwalaselo lwezowuni, ungacacisa ngoku:
@IN LUA A "ifportup(443, {'52.48.64.3', '45.55.10.200'})"
- Kongezwe into entsha , ekuvumela ukuba udlulise imimandla ukusuka kumncedisi ogunyazisiweyo usebenzisa i-AXFR kunye nezicelo ze-IXFR, ngokuqwalasela ukufaneleka kwedatha edlulisiweyo (kwisizinda ngasinye, inombolo ye-SOA ihlolwe kwaye kuphela iinguqulelo ezintsha zezowuni zikhutshelwa). Isixhobo sikuvumela ukuba uququzelele ungqamaniso lweendawo kwinani elikhulu kakhulu lesibini kunye neeseva eziphindaphindayo ngaphandle kokudala umthwalo onzima kumncedisi oyintloko;
- Ukulungiselela inyathelo lokuqala Ixabiso le-udp-truncation-threshold parameter, elijongene nokunciphisa iimpendulo ze-UDP kumxhasi, liye lancitshiswa ukusuka kwi-1680 ukuya kwi-1232, ekufuneka inciphise kakhulu amathuba okulahlekelwa iipakethi ze-UDP. Ixabiso le-1232 likhethiweyo kuba liphezulu apho ubukhulu bempendulo ye-DNS, ngokuqwalasela i-IPv6, ingena kwixabiso elincinci le-MTU (1280);
- Kongezwe i-backend yogcino olusekwe kwisiseko sedatha . I-backend ihambelana ngokupheleleyo ne-DNSSEC, ingasetyenziselwa imimandla yenkosi kunye nekhoboka, kwaye ibonelela ngokusebenza okungcono kunezinye izinto ezisemva. Ngokukhawuleza ngaphambi kokukhululwa, utshintsho longezwa kwikhowudi eyaphazamisa ukusebenza kwe-backend ye-LMDB (ukucubungula iindawo zekhoboka kunye nokulayisha nge-pdnsutil esebenzayo, kodwa imiyalelo efana ne "pdnsutil edit-zone" yayeka ukusebenza. Iingxaki zicetywa ukuba zilungiswe. kukhupho olulandelayo lokulungisa;
- Ilahliwe inkxaso yomsebenzi ongabhalwanga kakuhle othi "autoserial", nto leyo ebithintela imiba ethile ukuba ingasonjululwa. Ngokweemfuno (I-GOST R 34.11-2012 ihanjiswe kwisigaba esithi "MAKUMEKI") I-DNSSEC ayisaxhasi i-GOST DS hashes kunye neesignesha zedijithali ze-ECC-GOST.
Njengesikhumbuzo, i-PowerDNS iye yafudukela kumjikelo wophuhliso weenyanga ezintandathu, kunye nokukhululwa okulandelayo kwe-PowerDNS Authoritative Server kulindeleke ngoFebruwari 2020. Uhlaziyo lokukhutshwa okubalulekileyo luya kuphuhliswa unyaka wonke, emva koko ukulungiswa komngcipheko kuya kukhutshwa ezinye iinyanga ezintandathu. Ngaloo ndlela, inkxaso ye-PowerDNS Authoritative Server 4.2 yesebe iya kuhlala kude kube nguJanuwari 2021.
umthombo: opennet.ru