U-Olivier Cochard-LabbΓ©, umdali wokusatshalaliswa kwe-FreeNAS, ukukhululwa kwekhithi ekhethekile yokusabalalisa (BSDRP), ephawuleka ngokubuyekeza i-codebase ibe yi-FreeBSD 12.1. Ukusabalalisa kuklanyelwe ukudala amarutha esofthiwe ahlangene asekela izinhlobonhlobo zezivumelwano, njenge-RIP, i-OSPF, i-BGP ne-PIM. Ukuphatha kwenziwa ngemodi yomugqa womyalo ngokusebenzisa isikhombimsebenzisi se-CLI esikhumbuza i-Cisco. Ukusabalalisa emibuthanweni yezakhiwo ze-amd64 kanye ne-i386 (usayizi wesithombe sokufakwa ngu-140 MB).
Ngaphezu kokuthuthukela ku-FreeBSD 12.1-STABLE, inguqulo entsha ukunika amandla ukulayishwa kwe-microcode ngokuzenzakalelayo kuma-Intel processors nokungeza i-wireguard, i-Mellanox Firmware, i-vim-tiny, i-mrtparse, i-nrpe3, i-perl, i-bash ne-frr7-pythontools amaphakheji, kanye ne-if_cxgbev (Chelsio Ethernet VF) kanye nama-drivers if_qlxgb (Ethernet3200 Q3.0.7) . Ngokuzenzakalelayo, ukuvinjwa okulungile kokuqondisa kabusha kwe-ICMP kunikwe amandla. Izinguqulo zesofthiwe ezibuyekeziwe zifaka i-easy-rsa 7.4, FRR 1.7.4, pmacct 2.4.9, openvpn 5.8.4 kanye ne-strongswan 6. Izinsiza zokusakaza okuningi ze-IPv6 (amathuluzi e-pim6, i-pim6dd, i-pimXNUMXsd) azifakiwe kuphakheji.
Izici eziyinhloko zokusabalalisa:
- Ikhithi ihlanganisa amaphakheji amabili ngokuqaliswa kwezinqubo zomzila: (Imfoloko ye-Quagga) esekelwa i-BGP, i-RIP, i-RIPng (IPv6), i-OSPF v2, i-OSFP v3 (IPv6), i-ISIS kanye ngokusekelwa kwe-BGP, i-RIP, i-RIPng (IPv6), i-OSPF v2 ne-OSFP v3 (IPv6);
- Ukusabalalisa kwenzelwa ukusetshenziswa okufanayo kwamathebula omzila amaningana ahlukene (ama-FIB), aboshelwe ezindaweni zangempela nezibonakalayo;
- I-SNMP (bsnmp-ucd) ingasetshenziselwa ukuqapha nokuphatha. Isekela ukuthunyelwa kwedatha yethrafikhi ngendlela ye-Netflow stream;
- Ukuhlola ukusebenza kwenethiwekhi, kuhlanganisa izinsiza ezifana ne-NetPIPE, iperf, netblast, netsend ne-netreceive. Ukuze kuqoqwe izibalo zethrafikhi, i-ng_netflow iyasetshenziswa;
- Ukuba khona kwe-freevrrpd ngokusetshenziswa kwephrothokholi ye-VRRP (i-Virtual Router Redundancy Protocol, RFC 3768) kanye ne-ucarp ngokusekelwa kwephrothokholi ye-CARP, eklanyelwe ukuhlela ukusebenza kwamarutha abekezelela amaphutha ngokubopha ikheli le-MAC elibonakalayo kuseva esebenzayo, okuthi uma kwenzeka yehluleke ithuthelwe kuseva eyisipele. Kwimodi evamile, umthwalo ungasatshalaliswa kuwo wonke amaseva, kodwa uma kwenzeka ukwehluleka, i-router yokuqala ingathatha umthwalo wesibili, kanti eyesibili - eyokuqala;
- (I-Multi-link PPP daemon) esekela i-PPTP, i-PPPoE ne-L2TP;
- Ukuze uphathe umkhawulokudonsa, kuhlongozwa ukusebenzisa i-shaper kusuka ku-IPFW + dummynet noma ;
- Ku-Ethernet, isekela ukusebenza ne-VLAN (802.1q), ukuhlanganisa izixhumanisi kanye nokusetshenziswa kwamabhuloho enethiwekhi kusetshenziswa i-Rapid Spanning Tree Protocol (802.1w);
- Isetshenziselwa ukuqapha ;
- Ukusekelwa kwe-VPN kuhlinzekiwe: GRE, GIF, IPSec (IKEv1 ne-IKEv2 nge-strongswan), i-OpenVPN ne-Wireguard;
- Ukusekelwa kwe-NAT64 kusetshenziswa i-tayga daemon nokusekelwa komdabu kwemigudu ye-IPv6-to-IPv4;
- Ukufaka izinhlelo ezengeziwe, sebenzisa umphathi wephakheji we-pkgng;
- Ihlanganisa iseva ye-DHCP kanye neklayenti le-isc-dhcp, kanye neseva yemeyili ye-ssmtp;
- Isekela ukuphathwa nge-SSH, i-serial port, i-telnet ne-console yendawo. Ukwenza kube lula ukuphatha, ikhithi ihlanganisa insiza ye-tmux (i-analogue ye-BSD yesikrini);
- Qalisa izithombe ezikhiqizwe ngokusekelwe ku-FreeBSD kusetshenziswa iskripthi ;
- Ukuqinisekisa ukubuyekezwa kwesistimu, ukuhlukaniswa okubili kuyadalwa ekhadini le-Flash; uma isithombe esibuyekeziwe sitholakala, silayishwa esabelweni sesibili; ngemva kokuqaliswa kabusha, lokhu kuhlukaniswa kuyaba sebenzayo, futhi ukuhlukaniswa kwesisekelo kulinde ukuthi isibuyekezo esilandelayo sivele ( ama-partitions asetshenziswa ngokulandelana). Kungenzeka ukuthi ubuyele esimweni sangaphambilini sesistimu uma izinkinga zikhonjwa ngesibuyekezo esifakiwe;
- Ifayela ngalinye linesheke le-sha256, elikuvumela ukuthi uqinisekise ubuqotho bolwazi.
Source: opennet.ru