Ukubambezeleka okuphansi kwe-DNS kuyisihluthulelo sokuphequlula i-inthanethi okusheshayo. Ukuze unciphise, kubalulekile ukukhetha ngokucophelela amaseva e-DNS futhi . Kodwa isinyathelo sokuqala ukususa imibuzo engenamsebenzi.
Kungakho i-DNS ekuqaleni yayiklanywe njengephrothokholi egcineke kakhulu. Abaphathi bezone babeka isikhathi sokuphila (i-TTL) kokufakiwe ngakunye, futhi abaxazululi basebenzisa lolu lwazi lapho begcina okufakiwe ekhanda ukuze bagweme ithrafikhi engadingekile.
Ingabe ukulondoloza isikhashana kuyasebenza? Eminyakeni embalwa edlule, ucwaningo lwami oluncane lwabonisa ukuthi lwalungaphelele. Ake sibheke isimo samanje.
Ukuze ngiqoqe ulwazi ngilubhalile ukuze ulondoloze inani le-TTL lempendulo. Ichazwa njengenani elincane le-TTL lamarekhodi ayo esicelweni ngasinye esingenayo. Lokhu kunikeza umbono omuhle wokusatshalaliswa kwe-TTL kwethrafikhi yangempela, futhi kucabangela ukuthandwa kwezicelo zomuntu ngamunye. Inguqulo efakwe nezichibiyelo yeseva isebenze amahora ambalwa.
Isethi yedatha ewumphumela iqukethe amarekhodi ayi-1 (igama, qtype, TTL, isitembu sesikhathi). Nakhu ukusabalalisa okuphelele kwe-TTL (i-X-axis iyi-TTL ngamasekhondi):
Ngaphandle kokushayisana okuncane ku-86 (ikakhulukazi kumarekhodi e-SOA), kucace bha ukuthi ama-TTL akubanga eliphansi. Ake sibhekisise:
Kulungile, ama-TTL amakhulu kunehora elingu-1 awabalulekile ngokwezibalo. Bese sigxila ebangeni 0β3600:
Ama-TTL amaningi asuka kumaminithi angu-0 kuye kwayi-15:
Iningi lisuka kumaminithi angu-0 kuye kwangu-5:
Akukuhle kakhulu.
Ukusabalalisa okuqoqiwe kwenza inkinga ibonakale nakakhulu:
Ingxenye yezimpendulo ze-DNS ine-TTL yomzuzu ongu-1 noma ngaphansi, futhi izingxenye ezintathu kwezine zine-TTL yemizuzu emi-5 noma ngaphansi.
Kodwa linda, empeleni kubi kakhulu. Phela, lena yi-TTL evela kumaseva agunyaziwe. Nokho, izixazululi zeklayenti (isb. amarutha, izinqolobane zasendaweni) zithola i-TTL evela kuzixazululi ezikhuphuka nomfula, futhi yehla njalo ngomzuzwana.
Ngakho iklayenti lingasebenzisa okufakiwe ngakunye, ngokwesilinganiso, ingxenye ye-TTL yoqobo ngaphambi kokuthumela isicelo esisha.
Mhlawumbe lawa ma-TTL aphansi kakhulu asebenza kuphela ezicelweni ezingajwayelekile hhayi kumawebhusayithi adumile nama-API? Ake sibheke:
I-X axis yi-TTL, i-eksisi ye-Y iwukuthandwa kombuzo.
Ngeshwa, imibuzo ethandwa kakhulu nayo yimbi kakhulu ukuyigcina.
Asisondeze isithombe:
Sigwebo: kubi impela. Bekuvele kukubi ngaphambili, kodwa kwaba kubi kakhulu. Ukugcinwa kwesikhashana kwe-DNS sekucishe kwaba yize. Njengoba abantu abambalwa basebenzisa isixazululi se-DNS se-ISP yabo (ngezizathu ezinhle), ukwanda kokubambezeleka kubonakala kakhulu.
Ukugcinwa kunqolobane kwe-DNS sekusebenziseke kuphela kokuqukethwe okungekho muntu okuvakashelayo.
Sicela futhi uqaphele ukuthi isofthiwe ingase chaza ama-TTL aphansi.
Kungani kunjalo
Kungani amarekhodi e-DNS esethelwe ku-TTL ephansi kangaka?
- Izilinganisi zomthwalo wefa zishiywe nezilungiselelo ezizenzakalelayo.
- Kunezinganekwane zokuthi ukulinganisa komthwalo we-DNS kuncike ku-TTL (lokhu akulona iqiniso - kusukela ezinsukwini ze-Netscape Navigator, amaklayenti akhethe ikheli le-IP elingahleliwe kusethi yama-RRs futhi azama ngokusobala elinye uma engakwazi ukuxhuma)
- Abalawuli bafuna ukufaka izinguquko ngokushesha, ngakho kulula ukuhlela.
- Umlawuli weseva ye-DNS noma isilinganisi somthwalo ubona umsebenzi wakhe njengosebenzisa kahle ukulungiselelwa okucelwa abasebenzisi, futhi hhayi ukusheshisa amasayithi namasevisi.
- Ama-TTL aphansi akunikeza ukuthula kwengqondo.
- Abantu baqale babeke ama-TTL aphansi ukuthi ahlolwe bese bekhohlwa ukuwashintsha.
Angizange ngifake okuthi "failover" ohlwini ngoba kuya ngokuya kuncipha ukubaluleka. Uma udinga ukuqondisa kabusha abasebenzisi kwenye inethiwekhi ukuze nje ubonise ikhasi lephutha lapho konke okunye kwephukile, ukubambezeleka okungaphezu kweminithi elingu-1 cishe kwamukelekile.
Ukwengeza, i-TTL yomzuzu owodwa isho ukuthi uma amaseva e-DNS agunyaziwe evinjwa isikhathi esingaphezu kweminithi elingu-1, akekho omunye ozokwazi ukufinyelela izinsiza ezincikile. Futhi ukukhishwa kabusha ngeke kusize uma imbangela kuyiphutha lokumisa noma ukugebenga. Ngakolunye uhlangothi, ngama-TTL anengqondo, amaklayenti amaningi azoqhubeka nokusebenzisa ukucushwa kwangaphambilini futhi awaboni lutho.
Amasevisi e-CDN nezilinganisi zomthwalo yizona ezinecala elikhulu kuma-TTL aphansi, ikakhulukazi uma ehlanganisa ama-CNAME nama-TTL aphansi namarekhodi ane-TTL ephansi ngokulinganayo (kodwa ezimele):
$ drill raw.githubusercontent.com raw.githubusercontent.com. 9 IN CNAME github.map.fastly.net. github.map.fastly.net. 20 IN A 151.101.128.133 github.map.fastly.net. 20 IN A 151.101.192.133 github.map.fastly.net. 20 IN A 151.101.0.133 github.map.fastly.net. 20 IN A 151.101.64.133
Noma nini lapho i-CNAME noma imaphi amarekhodi A ephelelwa yisikhathi, isicelo esisha kufanele sithunyelwe. Bobabili bane-TTL yesibili engama-30, kodwa akufani. Isilinganiso sangempela se-TTL sizoba imizuzwana engu-15.
Kodwa linda! Kubi nakakhulu. Ezinye izixazululi ziziphatha kabi kakhulu kulesi simo ngama-TTL amabili aphansi ahlobene:
$ drill raw.githubusercontent.com @4.2.2.2 raw.githubusercontent.com. 1 KU-CNAME github.map.fastly.net. github.map.fastly.net. 1 KU-A 151.101.16.133
Isixazululi se-Level3 cishe sisebenza kokuthi BIND. Uma uqhubeka nokuthumela lesi sicelo, i-TTL yoku-1 izohlale ibuyiswa. Empeleni, raw.githubusercontent.com ayigcinwa kunqolobane.
Nasi esinye isibonelo sesimo esinjalo esinesizinda esidume kakhulu:
$ drill detectportal.firefox.com @1.1.1.1 detectportal.firefox.com. 25 IN CNAME detectportal.prod.mozaws.net. detectportal.prod.mozaws.net. 26 IN CNAME detectportal.firefox.com-v2.edgesuite.net. detectportal.firefox.com-v2.edgesuite.net. 10668 IN CNAME a1089.dscd.akamai.net. a1089.dscd.akamai.net. 10 IN A 104.123.50.106 a1089.dscd.akamai.net. 10 IN A 104.123.50.88
Okungenani amarekhodi amathathu e-CNAME. Ay. Omunye une-TTL ehloniphekile, kodwa ayisebenzi nhlobo. Amanye ama-CNAME ane-TTL yokuqala yamasekhondi angu-60, kodwa eyezizinda akamai.net i-TTL ephezulu yimizuzwana engama-20 futhi ayikho neyodwa esezingeni.
Kuthiwani ngezizinda ezihlala zenza inhlolovo kumadivayisi we-Apple?
$ drill 1-courier.push.apple.com @4.2.2.2 1-courier.push.apple.com. 1253 IN CNAME 1.courier-push-apple.com.akadns.net. 1.courier-push-apple.com.akadns.net. 1 IN CNAME gb-courier-4.push-apple.com.akadns.net. gb-courier-4.push-apple.com.akadns.net. 1 IN A 17.57.146.84 gb-courier-4.push-apple.com.akadns.net. 1 IN A 17.57.146.85
Inkinga efanayo neFirefox ne-TTL izobambeka kusekhondi elingu-1 isikhathi esiningi uma kusetshenziswa isixazululi se-Level3.
I-Dropbox?
$ drill client.dropbox.com @8.8.8.8 client.dropbox.com. 7 KU-CNAME client.dropbox-dns.com. client.dropbox-dns.com. 59 IN A 162.125.67.3 $ drill client.dropbox.com @4.2.2.2 client.dropbox.com. 1 IN CNAME client.dropbox-dns.com. client.dropbox-dns.com. 1 KU-A 162.125.64.3
Ekurekhodweni safebrowsing.googleapis.com Inani le-TTL yimizuzwana engama-60, njengezizinda ze-Facebook. Futhi, futhi, ngokombono weklayenti, lawa manani ancishiswa ngohhafu.
Kuthiwani ngokusetha i-TTL encane?
Ngisebenzisa igama, uhlobo lwesicelo, i-TTL, kanye nesitembu sesikhathi esigcinwe ekuqaleni, ngibhale iskripthi ukuze ngilingise izicelo eziyizigidi ezingu-1,5 ezidlula kusixazululi senqolobane ukuze ngilinganisele umthamo wezicelo ezingadingekile ezithunyelwe ngenxa yokufa kwenqolobane ephelelwe yisikhathi.
U-47,4% wezicelo zenziwa ngemva kokuphelelwa yisikhathi kwerekhodi elikhona. Lokhu kuphezulu ngokungenangqondo.
Uzoba yini umthelela ekugcinweni kwesikhashana uma i-TTL encane isethiwe?
I-eksisi engu-X inani elincane le-TTL. Amarekhodi anomthombo we-TTL ngaphezu kwaleli nani awathinteki.
I-axis engu-Y iphesenti lezicelo ezivela kuklayenti eselivele linokufakwa kunqolobane, kodwa liphelelwe yisikhathi futhi lenza isicelo esisha.
Isabelo sezicelo βezengeziweβ sincishiswa sisuka ku-47% siye ku-36% ngokubeka nje ubuncane be-TTL bube yimizuzu emi-5. Ngokusetha i-TTL encane ibe yimizuzu eyi-15, inani lalezi zicelo lehla laya ku-29%. I-TTL encane yehora eli-1 iwanciphisa abe ngu-17%. Umehluko obalulekile!
Kuthiwani ngokungashintshi lutho ohlangothini lweseva, kodwa esikhundleni salokho usethe ubuncane be-TTL kuma-cache eklayenti e-DNS (amarutha, izixazululi zendawo)?
Inani lezicelo ezidingekayo lehla lisuka ku-47% liya ku-34% nge-TTL ubuncane bemizuzu emi-5, liye ku-25% ngemizuzu engu-15 ubuncane, bese liye ku-13% okungenani libe yihora elilodwa. Mhlawumbe imizuzu engu-1 ilungile.
Umthelela walolu shintsho oluncane mkhulu kakhulu.
Iyini imiphumela?
Yiqiniso, isevisi ingathuthelwa kumhlinzeki omusha wamafu, iseva entsha, inethiwekhi entsha, edinga amaklayenti ukuthi asebenzise amarekhodi e-DNS yakamuva. Futhi i-TTL encane isiza ukwenza inguquko enjalo ngokushelela nangokungabonakali. Kodwa ngokushintshela kungqalasizinda entsha, akekho olindele ukuthi amaklayenti athuthele kumarekhodi e-DNS amasha phakathi nomzuzu ongu-1, imizuzu emi-5, noma imizuzu eyi-15. Ukusetha ubuncane be-TTL ibe imizuzu engu-40 esikhundleni semizuzu emi-5 ngeke kuvimbele abasebenzisi ukuthi bafinyelele isevisi.
Nokho, lokhu kuzonciphisa kakhulu ukubambezeleka futhi kuthuthukise ubumfihlo nokwethembeka ngokugwema izicelo ezingadingekile.
Yebo, ama-RFC athi i-TTL kufanele ilandelwe ngokuqinile. Kepha iqiniso liwukuthi uhlelo lwe-DNS selungasebenzi kahle kakhulu.
Uma usebenza namaseva e-DNS agunyaziwe, sicela uhlole ama-TTL akho. Ingabe uwadinga ngempela amanani aphansi ngendlela ehlekisayo?
Yebo, kunezizathu ezinhle zokusetha ama-TTL amancane amarekhodi e-DNS. Kepha hhayi kuma-75% wethrafikhi ye-DNS ehlala ingashintshile.
Futhi uma ngesizathu esithile udinga ngempela ukusebenzisa i-TTL ephansi ye-DNS, ngesikhathi esifanayo qiniseka ukuthi isayithi lakho alinayo i-caching evunyelwe. Ngezizathu ezifanayo.
Uma unenqolobane yendawo ye-DNS esebenzayo, njenge okukuvumela ukuthi usethe ubuncane be-TTL, sebenzisa lo msebenzi. Lokhu kuhle. Akukho okubi okuzokwenzeka. Setha ubuncane be-TTL ukuthi bube cishe imizuzu engama-40 (amasekhondi angu-2400) nehora elingu-1. Ububanzi obunengqondo impela.
Source: www.habr.com