PowerDNS Recursor 4.6 mar hore ayaa la sii daayay kuwanuna waa warkeeda

Darkcrizt

Daqiiqado 4

The Soo saarista nooca cusub ee Kheyraadka PowerDNS 4.6 kuwaas oo qaar ka mid ah hagaajinta, hagaajinta cayayaanka iyo in ka badan dhammaan sifooyin cusub ayaa la hirgeliyay, kuwaas oo Aagga kaydinta ay ka muuqato, tusaale ahaan, iyo sidoo kale awoodda faaruqinta gelinta cache, iyo waxyaabo kale.

Kuwa aan aqoon u lahayn PowerDNS, waa inay ogaadaan inay taasi tahays mas'uul ka ah xalinta magaca soo noqoshada. Soo-celinta PowerDNS waxay ku saleysan tahay isla saldhiga koodhka sida PowerDNS Server Server, laakiin PowerDNS Recursive and Authoritative DNS server waxay ku soo baxaan wareegyo horumarineed oo kala duwan waxaana loo sii daayaa alaabooyin kala duwan.

Server-ku wuxuu siiyaa qalab loogu talagalay aruurinta tirakoobka fog, wuxuu taageeraa reboot deg deg ah, wuxuu leeyahay mashiin lagu dhisay isku xirka darawalada luuqada Lua, wuxuu si buuxda u taageeraa DNSSEC, DNS64, RPZ (Zones Policy Respons), wuxuuna awood u siinayaa liiska madow.

Natiijooyinka xallinta waxaa loo diiwaangelin karaa sidii faylalka aagga BIND. Si loo hubiyo waxqabadka sare, habab casri ah oo isku xirka isku dhufashada ayaa loo isticmaalaa FreeBSD, Linux, iyo Solaris (kqueue, epoll, /dev/poll), iyo sidoo kale xirmo DNS ah oo wax qabad sare leh oo awood u leh inuu farsameeyo tobanaan kun oo codsiyo isbarbar socda.

Astaamaha ugu muhiimsan ee cusub ee PowerDNS Recursor 4.6

Noocan cusub ayaa shaqada lagu daray "Zone to cache", kaas oo kuu ogolaanaya inaad si xilliyo ah u soo kabsato aagga DNS oo geli waxa ku jira kaydka, bsi cache-ku had iyo jeer ugu jiro xaalad "kulul". oo ka kooban xogta la xidhiidha aagga. Muuqaalka waxaa loo isticmaali karaa nooc kasta oo aag ah, oo ay ku jiraan aagagga xididka. Soo saarista aagga waxa lagu samayn karaa iyada oo la adeegsanayo DNS AXFR, HTTP, HTTPS, ama iyada oo laga soo raro faylka maxaliga ah.

Cusboonaysiin kale oo taagan ayaa ah taas taageero dheeraad ah oo ku saabsan siraynta wicitaanada server-yada DNS iyadoo la adeegsanayo DoT (DNS oo ka sarreeya TLS). Sida caadiga ah, DoT waxa la furayaa marka dekedda 853 la cayimo ee gudbiyaha DNS ama marka si cad loo liis gareeyo server-yada DNS iyada oo loo marayo cabbirka-to-auth-names.

Xaqiijinta shahaadada weli lama samayn, iyo sidoo kale si toos ah ugu beddelashada DoT marka uu taageerayo server-ka DNS (hawlahan waxa la hawlgelin doonaa ka dib ansixinta guddiga habaynta).

Waxaa sidoo kale la iftiimiyay in dib u qor koodka si aad u dhisto xidhiidhada TCP ee baxaya iyo ku daray awoodda dib u isticmaalida isku xirka. Si dib loogu isticmaalo isku xirka TCP (iyo DoT), isku xirka lama xidho isla markiiba ka dib marka codsiga la habeeyo, laakiin taa beddelkeeda waxa loo daayaa furan in muddo ah (dabeecadda waxa gacanta ku haya goobta tcp-out-max-idle-ms).

Ee isbedelo kale qeu soo baxay:

  • Qiyaasta cabbirrada la ururiyay oo la dhoofiyay oo wata tirakoobyo iyo macluumaadka nidaamyada raadraaca ayaa la ballaariyay.
  • Siisay awoodda lagu daadiyo gelinta cache-ga marka codsiyada wargelinta ee imanaya ay yimaadaan.
  • Baadheeyaha dhacdada tijaabada ah ayaa lagu daray si uu u bixiyo macluumaad faahfaahsan oo ku saabsan wakhtiga fulinta ee marxalad kasta oo xalin ah.

Ugu dambeyntii, haddii aad rabto inaad wax badan ka ogaato, waxaad kala tashan kartaa faahfaahinta sii deyntan cusub ee ku jirta xiriirka soo socda. 

Hel Soo-celiyaha PowerDNS 4.6

Kuwa aad xiiseyneysaan inay helaan PowerDNS Recursor 4.4, waa inaad ogaataan in koodhka isha laga heli karo GitHub.

Si aad u hesho lambarka, kaliya furo terminal oo qor amarka soo socda:

git clone https://github.com/PowerDNS/pdns.git

Bakhaarkaan waxaa kujira ilaha PowerDNS Recursor, PowerDNS Server Authoritative, iyo dnsdist (dheelitir culus oo xamuul ah oo DNS ah). Dhamaan sedexda waxaa laga dhisi karaa bakhaarkan.

Noocyada kala duwan waxaa lagu dhisi karaa iyadoo la kaashanayo pdns-builder, oo adeegsada habka dhisida ee ku saleysan Docker. Si aad ugu bilawdo tan, ku amarro amarradan salka bakhaarkan:

git submodule init
git submodule update
./builder/build.sh

Marka laga hadlayo kuwa isticmaala Ubuntu, waxay ku fulin karaan dhismaha iyaga oo garaacaya amarrada soo socda:

sudo apt install autoconf automake ragel bison flex
sudo apt install libcurl4-openssl-dev luajit lua-yaml-dev libyaml-cpp-dev libtolua-dev lua5.3 autoconf automake ragel bison flex g++ libboost-all-dev libtool make pkg-config libssl-dev virtualenv lua-yaml-dev libyaml-cpp-dev libluajit-5.1-dev libcurl4 gawk libsqlite3-dev
apt install libsodium-dev
apt install default-libmysqlclient-dev
apt install libpq-dev
apt install libsystemd0 libsystemd-dev
apt install libmaxminddb-dev libmaxminddb0 libgeoip1 libgeoip-dev
autoreconf -vi

Iyo si loo soo ururiyo nooc aad u nadiif ah, isticmaal:

./configure --with-modules="" --disable-lua-records
make
# make install

Si la mid ah, waxay la tashan karaan dukumiintiyada oo ay heli karaan xirmooyinka horay loo dhisay ee PowerDNS (deynta iyo rpm) kuwaas oo laga heli karo keydka koodhka softiweerka. Way tashan karaan adoo maraya isku xirka soo socda.


Ka tag faalladaada

cinwaanka email aan la daabacin doonaa. Beeraha loo baahan yahay waxaa lagu calaamadeeyay la *

*

*

  1. Masuul ka ah xogta: Miguel Ángel Gatón
  2. Ujeedada xogta: Xakamaynta SPAM, maaraynta faallooyinka.
  3. Sharci: Oggolaanshahaaga
  4. Isgaarsiinta xogta: Xogta looma gudbin doono dhinacyada saddexaad marka laga reebo waajibaadka sharciga ah.
  5. Kaydinta xogta: Macluumaadka ay martigelisay Shabakadaha Occentus (EU)
  6. Xuquuqda: Waqti kasta oo aad xadidi karto, soo ceshan karto oo tirtiri karto macluumaadkaaga.