Isiphequluli se-Chromium, umzali ochumayo womthombo ovulekile we-Google Chrome kanye ne-Microsoft Edge entsha, sithole ukunakwa okubalulekile kwesici ebesihloselwe ngenhloso enhle: sihlola ukuthi i-ISP yomsebenzisi "iyantshontsha" imiphumela yombuzo wesizinda esingekho. .
, okudala imibuzo mbumbulu "yezizinda" ezingahleliwe okungenzeka ngokwezibalo ukuthi zibe khona, ibophezelekile cishe engxenyeni yenani lethrafikhi elitholwe amaseva ezimpande e-DNS emhlabeni jikelele. Unjiniyela we-Verisign uMat Thomas wabhala isikhathi eside kubhulogi ye-APNIC echaza inkinga futhi ihlola izinga layo.
Ukuthi ukulungiswa kwe-DNS kuvamise ukwenziwa kanjani
Lezi ziphakeli ziyiziphathimandla eziphezulu okufanele uxhumane nazo ukuze uxazulule i-.com, .net, njll. ukuze zizokutshela ukuthi i-frglxrtmpuf ayisona isizinda sezinga eliphezulu (i-TLD).
I-DNS, noma i-Domain Name System, iwuhlelo lapho amakhompyutha akwazi ukuxazulula amagama esizinda akhumbulekayo njenge-arstechnica.com ibe amakheli e-IP angasebenziseki kalula njenge-3.128.236.93. Ngaphandle kwe-DNS, i-inthanethi ibingeke ibe khona ngendlela abantu abangayisebenzisa, okusho ukuthi umthwalo ongadingekile kungqalasizinda yezinga eliphezulu inkinga yangempela.
Ukulayisha ikhasi lewebhu lesimanje elilodwa kungadinga inombolo emangalisayo yokubheka i-DNS. Isibonelo, ngenkathi sihlaziya ikhasi eliyisiqalo le-ESPN, sibale amagama esizinda ahlukene angama-93, kusukela ku-a.espncdn.com kuye ku-z.motads.com. Zonke ziyadingeka ukuze ikhasi lilayishe ngokugcwele!
Ukwamukela lo mthwalo wenjini yokusesha edinga ukusevisa umhlaba wonke, i-DNS yakhelwe njengokuhlelwa kwamazinga amaningi. Phezulu kule phiramidi kukhona amaseva empande - isizinda ngasinye sezinga eliphezulu, njenge-.com, sinomndeni waso wamaseva okuyigunya eliphakeme kakhulu lesizinda ngasinye esingaphansi kwazo. Isinyathelo esisodwa phezulu kwalaba amaseva amaseva ezimpande ngokwawo, avela a.root-servers.net ukuze m.root-servers.net.
Kwenzeka kangaki lokhu?
Ngenxa yokulandelana kwenqolobane yamazinga amaningi engqalasizinda ye-DNS, iphesenti elincane kakhulu lemibuzo ye-DNS yomhlaba ifinyelela kuziphakeli eziyimpande. Abantu abaningi bathola ulwazi lwabo lwesixazululi se-DNS ngokuqondile ku-ISP yabo. Uma idivayisi yomsebenzisi idinga ukwazi ukuthi ifika kanjani kuwebhusayithi ethile, isicelo siqale sithunyelwe kuseva ye-DNS ephethwe yilowo mhlinzeki wendawo. Uma iseva yendawo ye-DNS ingayazi impendulo, idlulisela isicelo “kubadluliseli” bayo (uma kucacisiwe).
Uma kungeyona iseva ye-DNS yomhlinzeki wendawo noma "amaseva okudlulisela" ashiwo ekucushweni kwayo anempendulo egcinwe kunqolobane, isicelo siphakanyiswa ngokuqondile kuseva yesizinda esigunyaziwe. ephakeme lowo ozama ukuyiguqula. Nini домен.com lokhu kuzosho ukuthi isicelo sithunyelwa kumaseva agunyaziwe wesizinda ngokwaso com, ezitholakala e gtld-servers.net.
Uhlelo gtld-servers, isicelo esenziwe kuso, iphendula ngohlu lwamaseva egama anegunya lesizinda sesizinda.com, kanye nerekhodi lokuxhuma okungenani elilodwa eliqukethe ikheli le-IP leseva yegama elinjalo. Okulandelayo, izimpendulo zihambisa phansi uchungechunge - umdluliseli ngamunye udlulisela lezi zimpendulo ezansi kuseva ezicelile, kuze kube yilapho impendulo ifika ekugcineni iseva yomhlinzeki wendawo kanye nekhompyutha yomsebenzisi. Zonke zigcina le mpendulo ukuze zingaphazamisi ngokungenasidingo amasistimu asezingeni eliphezulu.
Ezimweni eziningi, iseva yegama irekhoda domain.com izovele ifakwe kunqolobane komunye walaba badluliseli, ukuze iziphakeli zempande zingaphazanyiswa. Nokho, okwamanje sikhuluma ngohlobo lwe-URL esijwayelene nayo - leyo eguqulelwa kuwebhusayithi evamile. Izicelo ze-Chrome zisezingeni ephakeme lokhu, esinyathelweni samaqoqo ngokwawo root-servers.net.
Ukuhlola ukwebiwa kwe-Chromium ne-NXDomain
I-Chromium ihlola ukuthi "ingabe le seva ye-DNS iyangikhohlisa?" akhawunti cishe ingxenye yayo yonke ithrafikhi efinyelela kuqoqo le-Verisign lamaseva ezimpande ze-DNS.
Isiphequluli seChromium, iphrojekthi engumzali ye-Google Chrome, iMicrosoft Edge entsha, neziphequluli ezingenakubalwa ezaziwa kancane, ifuna ukunikeza abasebenzisi kalula ukusesha ebhokisini elilodwa, ngezinye izikhathi elibizwa ngokuthi "I-Omnibox." Ngamanye amazwi, umsebenzisi ufaka kokubili ama-URL wangempela kanye nemibuzo yenjini yokusesha endaweni yombhalo efanayo phezulu ewindini lesiphequluli. Ukuthatha esinye isinyathelo sokwenza lula, akuphoqi umsebenzisi ukuthi afake ingxenye ye-URL ngayo http:// noma https://.
Nakuba lokhu kulula, le ndlela idinga ukuthi isiphequluli siqonde ukuthi yini okufanele ithathwe njenge-URL nokuthi yini okufanele ibhekwe njengombuzo wosesho. Ezimweni eziningi lokhu kusobala kakhulu - isibonelo, iyunithi yezinhlamvu enezikhala ayikwazi ukuba i-URL. Kodwa izinto zingaba nzima nakakhulu uma ucabangela ama-intranethi—amanethiwekhi ayimfihlo angaphinda asebenzise izizinda eziyimfihlo ezisezingeni eliphezulu ukuxazulula amawebhusayithi wangempela.
Uma umsebenzisi ku-intranethi yenkampani yakhe ethayipha "ukukhangisa" futhi i-intranethi yenkampani inewebhusayithi yangaphakathi enegama elifanayo, bese i-Chromium ibonisa ibhokisi lemininingwane ebuza umsebenzisi ukuthi uyafuna yini ukusesha "ukuthengisa" noma ukuya ku- https://marketing. Lokhu kungase kungabi njalo, kodwa ama-ISP amaningi nabahlinzeki be-Wi-Fi basesidlangalaleni "bantshontsha" wonke ama-URL angapeliwe kahle, aqondise kabusha umsebenzisi ekhasini elithile eligcwele izibhengezo.
Isizukulwane esingahleliwe
Onjiniyela be-Chromium bebengafuni abasebenzisi abakunethiwekhi evamile ukuthi babone ibhokisi lemininingwane elibuza ukuthi baqonde ukuthini njalo uma befuna igama elilodwa, ngakho-ke basebenzise ukuhlolwa: Lapho bethula isiphequluli noma beshintsha amanethiwekhi, i-Chromium yenza ukubheka kwe-DNS kokuthathu. ekhiqizwa ngokungahleliwe "izizinda" ezingeni eliphezulu, izinhlamvu eziyisikhombisa kuya kweziyishumi nanhlanu ubude. Uma noma yiziphi ezimbili zalezi zicelo zibuya nekheli le-IP elifanayo, i-Chromium izothatha ukuthi inethiwekhi yendawo "iduna" amaphutha. NXDOMAIN, okufanele siyithole, ngakho isiphequluli sibheka yonke imibuzo yegama elilodwa efakiwe njengemizamo yokusesha kuze kube yilapho sithola esinye isaziso.
Ngeshwa, kumanethiwekhi lokho hhayi yeba imiphumela yemibuzo ye-DNS, le misebenzi emithathu ivamise ukukhuphukela phezulu, kuze kuyofika kumaseva egama lempande ngokwawo: iseva yendawo ayazi ukuthi ixazululwe kanjani. qwajuixk, ngakho-ke idlulisela lesi sicelo kumdluliseli wayo, owenza okufanayo, kuze kube sekugcineni a.root-servers.net noma omunye “wabafowabo” ngeke aphoqwe ukuba athi “Uxolo, kodwa lesi akusona isizinda.”
Njengoba kukhona cishe 1,67*10^21 amagama esizinda mbumbulu okungenzeka asukela ezinhlamvu eziyisikhombisa kuya kweziyishumi nanhlanu ubude, avame kakhulu ngamunye kusuka kulezi zivivinyo ezenziwe kunethiwekhi "ethembekile", ifika kuseva yezimpande. Lokhu kufana nokulingana uhhafu kusukela kumthwalo ophelele wempande ye-DNS, ngokuya ngezibalo ezivela kuleyo ngxenye yamaqoqo root-servers.net, eziphethwe yi-Verisign.
Umlando uyaziphinda
Akukhona okokuqala ukuthi iphrojekthi idalwe ngezinjongo ezinhle kakhulu noma icishe yakhukhula insiza yomphakathi ngethrafikhi engadingekile - lokhu kwasikhumbuza ngokushesha umlando omude nodabukisayo weseva ye-D-Link kanye ne-Poul-Henning Kamp's NTP (Network Time Protocol) maphakathi nawo-2000s.
Ngo-2005, umthuthukisi we-FreeBSD u-Poul-Henning, naye owayephethe iseva ye-Stratum 1 Network Time Protocol kuphela yaseDenmark, uthole ibhilikhili engalindelekile nenkulu yethrafikhi edluliswayo. Ngamafuphi, isizathu sasiwukuthi abathuthukisi be-D-Link babhale amakheli amaseva we-Stratum 1 NTP, kuhlanganise neseva ye-Kampa, ku-firmware yomugqa wenkampani wokushintshwa, ama-routers kanye nezindawo zokufinyelela. Lokhu kwandisa ngokushesha ukugcwala kweseva ye-Kampa ngokuphindwe kasishiyagalolunye, okwenza i-Danish Internet Exchange (i-Denmark's Internet Exchange Point) iguqule intela yayo isuka kokuthi "Yamahhala" iye ku-"$9 ngonyaka."
Проблема заключалась не в том, что маршрутизаторов D-Link было слишком много, а в том, что они «нарушали субординацию». Почти как и DNS, NTP должны работать в иерархической форме — серверы уровня Stratum 0 передают информацию серверам Stratum 1, которые передают информацию серверам Stratum 2, и так далее, вниз по иерархии. Обычный домашний маршрутизатор, коммутатор или точка доступа наподобие тех, в которые D-Link прошила адреса NTP-серверов, должны были отправлять запросы серверу Stratum 2 или Stratum 3.
Iphrojekthi ye-Chromium, mhlawumbe ngezinjongo ezinhle kakhulu, iphindaphinde inkinga ye-NTP enkingeni ye-DNS, ilayisha iziphakeli zezimpande ze-inthanethi ngezicelo ebezingahloselwe ukuzisingatha.
Likhona ithemba lesixazululo esisheshayo
Iphrojekthi ye-Chromium inomthombo ovulekile , okudinga ukukhubaza i-Intranet Redirect Detector ngokuzenzakalela ukuze kuxazululwe le nkinga. Kufanele sinikeze ikhredithi kuphrojekthi ye-Chromium: iphutha litholakele ngaphambi kwalokhoindlela uMat Thomas kaVerisign amlethela ngayo ukunakwa okuningi neyakhe kubhulogi ye-APNIC. Isiphazamisi satholwa ngoJuni, kodwa sahlala sikhohliwe kwaze kwaba sekuthunyelwe kukaThomas; Ngemva kokuzila ukudla, waqala ukugadwa kakhulu.
Kwethenjwa ukuthi inkinga izoxazululwa maduze, futhi amaseva ezimpande ze-DNS ngeke kusadingeka aphendule imibuzo mbumbulu elinganiselwa ku-60 billion nsuku zonke.
Emalungelo Wokukhangisa
Amaseva ama-Epic Ingabe noma i-Linux enamaphrosesa omndeni we-AMD EPYC anamandla namadrayivu e-Intel NVMe ashesha kakhulu. Shesha uku-oda!
Source: www.habr.com