ukukhishwa kweseva ye-DNS egunyaziwe , eklanyelwe ukuhlela ukusatshalaliswa kwezindawo ze-DNS. Ngu Abathuthukisi bephrojekthi, Iseva Egunyaziwe ye-PowerDNS inikezela cishe ku-30% yenani eliphelele lezizinda e-Europe (uma sicabangela izizinda kuphela ezinamasiginesha e-DNSSEC, bese kuba ngu-90%). Ikhodi yephrojekthi ilayisensi ngaphansi kwe-GPLv2.
I-PowerDNS Authoritative Server inikeza amandla okugcina ulwazi lwesizinda kuzinqolobane ezihlukahlukene, okuhlanganisa i-MySQL, i-PostgreSQL, i-SQLite3, i-Oracle, ne-Microsoft SQL Server, kanye ne-LDAP namafayela ombhalo ongenalutho ngefomethi ye-BIND. Impendulo ingahlungwa ngokuqhubekayo (isibonelo, ukuhlunga ugaxekile) noma iqondiswe kabusha ngokuxhuma izibambi ngokwezifiso ku-Lua, Java, Perl, Python, Ruby, C kanye ne-C++. Izici futhi zihlanganisa amathuluzi okuqoqwa okukude kwezibalo, okuhlanganisa nge-SNMP noma nge-Web API (iseva ye-HTTP yakhelwe ukuze uthole izibalo nokuphathwa), ukuqalisa kabusha okusheshayo, injini eyakhelwe ngaphakathi yokuxhuma izibambi ngolimi lwesiLua, ikhono lokulayisha ibhalansi. kucatshangelwa indawo yendawo yeklayenti .
main :
- Isici esingeziwe amarekhodi anabaphathi ngolimi lwesiLua, ngosizo ongakha izibambi eziyinkimbinkimbi ezicabangela i-AS, ama-subnet, ukusondela komsebenzisi, njll. lapho ubuyisela idatha. Usekelo lwamarekhodi e-Lua selusetshenziswe kukho konke okungemuva kwesitoreji, okuhlanganisa i-BIND ne-LMDB. Isibonelo, ukuthumela idatha ngokucabangela ukuhlola kwangemuva kokutholakala komsingathi ekucushweni kwendawo, manje ungacacisa:
@IN LUA A "ifportup(443, {'52.48.64.3', '45.55.10.200'})"
- Kwengezwe insiza entsha , okuvumela ukuthi udlulise izindawo kusuka kuseva egunyaziwe usebenzisa izicelo ze-AXFR kanye ne-IXFR, kucatshangelwa ukuhambisana kwedatha edlulisiwe (kusizinda ngasinye, inombolo ye-SOA ihlolwe futhi izinguqulo ezintsha kuphela zendawo ezilandiwe). Uhlelo lokusebenza likuvumela ukuthi uhlele ukuvumelanisa kwezindawo ngenani elikhulu kakhulu lamaseva esibili naphindayo ngaphandle kokudala umthwalo osindayo kuseva eyinhloko;
- Ekulungiseleleni isinyathelo Inani lepharamitha ye-udp-truncation-threshold, enesibopho sokunquma izimpendulo ze-UDP kuklayenti, lehlisiwe lisuka ku-1680 laya ku-1232, okufanele linciphise kakhulu amathuba okulahlekelwa amaphakethe e-UDP. Inani elingu-1232 likhethiwe ngenxa yokuthi liwumkhawulo lapho usayizi wempendulo ye-DNS, kucatshangelwa i-IPv6, ingena enanini elincane le-MTU (1280);
- Kwengezwe i-backend yesitoreji esekwe kusizindalwazi . I-backend ithobela ngokugcwele i-DNSSEC, ingasetshenziselwa izindawo eziyinhloko nezigqila, futhi ihlinzeka ngokusebenza okungcono kakhulu kunamanye ama-backends amaningi. Ngokushesha ngaphambi kokukhishwa, kungezwe ushintsho kukhodi ephazamise ukusebenza kwe-backend ye-LMDB (ukucubungula izindawo zezigqila nokulayisha nge-pdnsutil kusebenzile, kodwa imiyalo efana ne-"pdnsutil edit-zone" yayeka ukusebenza. Izinkinga zihlelelwe ukuthi zilungiswe. ekukhululweni kokulungiswa okulandelayo;
- Kwehlisiwe usekelo lomsebenzi we-"autoserial" ongabhalwanga kahle, obuvimbela izinkinga ezithile ukuthi zixazululwe. Ngokwezidingo (I-GOST R 34.11-2012 ithuthelwe esigabeni esithi βAKUMELE AKUMELEβ) I-DNSSEC ayisasekeli i-GOST DS hashes namasiginesha edijithali ye-ECC-GOST.
Njengesikhumbuzo, i-PowerDNS isithuthele emjikelezweni wokuthuthukiswa wezinyanga eziyisithupha, kanti kulindeleke ukukhishwa okulandelayo kwe-PowerDNS Authoritative Server ngoFebhuwari 2020. Izibuyekezo zokukhishwa okubalulekile zizothuthukiswa unyaka wonke, okuzothi ngemva kwalokho kukhishwe ukulungiswa kokuba sengozini ezinye izinyanga eziyisithupha. Ngakho, ukusekelwa kwegatsha le-PowerDNS Authoritative Server 4.2 kuzohlala kuze kube nguJanuwari 2021.
Source: opennet.ru