Chikwata chevaongorori kubva kuPeking University, Tsinghua University uye University of Texas kuDallas yakaburitsa ruzivo nezve basa rako raitwa kuti ukwanise kuziva kirasi nyowani yekurwiswa kweDoS iyo yavakatumidza kuti "RangeAmp" uye zvinoenderana nekushandiswa kweiyo Range HTTP musoro kurongedza kukwidziridzwa kwetraffic kuburikidza neyemukati mekutakura network (CDN).
Musimboti wenzira chinhu ndechekuti, nekuda kweiyo quirk yekugadzirisa Range misoro pane akawanda maCDN, anorwisa unogona kukumbira byte kubva kune hombe faira kuburikidza neCDN, asi iyo CDN inotora pasi rose faira kana rakanyanya kukura bha data kubva kune kwairi kuenda server ye caching.
Iyo dhigirii yekuwedzeredza traffic panguva yekurwiswa kwerudzi urwu, sekureva kweCDN, ndeye 724 kusvika 43330 nguva, iyo inogona kushandiswa kuwandisa irikuuya CDN traffic kana kudzikamisa bandwidth yeyekupedzisira nzira yekutaurirana kunzvimbo yeiye akabatwa.
Musoro weRange unobvumidza mutengi kuti aone huwandu hwenzvimbo mufaira iyo inofanirwa kutakurwa panzvimbo yekudzorera iyo faira rese
Semuenzaniso, mutengi anogona kudoma "Range: bytes = 0-1023" uye sevha inoendesa chete ekutanga gumi nemakumi maviri nemaviri emadata. Iyi ficha iri mukuda kukuru kana uchitsvaga mafaera mahombe: mushandisi anogona kumbomisa kurodha pasi wobva waenderera mberi kubva pakakanganiswa nzvimbo. Kana uchitsanangura "byte = 1024-0", iyo standard inonyorera kupa yekutanga byte mufaira, "bytes = -0" - yekupedzisira, "byte = 1-" - kubva pa1 byte kusvika kumagumo kwefaira. Unogona kupfuudza akati wandei mumusoro mumwe, semuenzaniso "Range: bytes = 1-0-1023.8192".
Uyewo, kurwisa kwechipiri sarudzo kwakarongwa (inonzi RangeAmp Kupindirana neBete Ranges (OBR) kurwisa, Yakagadzirirwa kuwedzera mutoro mutoro kana traffic ichiendeswa kuburikidza neimwe CDN, iyo inoshandiswa seye proxy (semuenzaniso, apo Cloudflare inoshanda semberi (FCDN) uye Akamai anoita seye backend (BCDN)). Maitiro acho akafanana nekutanga kurwisa, asi inowanikwa mukati maCDN uye inokutendera kuti uwedzere traffic kana uchiwana kuburikidza nemamwe maCDN, uchiwedzera mutoro pazvivakwa uye uchideredza mhando yebasa.
Pfungwa ndeyekuti anorwisa atumire akawanda masosi kuchikumbiro cheCDN renji, senge "mabheti = 0-, 0-, 0 - ...", "mabheti = 1-, 0-, 0 - ..." kana "byte = - 1024,0-, 0 -…".
Zvikumbiro zvine hombe nhamba ye "0-" masosi, zvinoreva kudzoka kwefaira kubva pakutanga kusvika kumagumo. Nekuda kwenzvimbo isiriyo yekuparadzanisa kana CDN yekutanga ichinongedzera kune yechipiri, faira rakazara rinodzoserwa kune yega "0-" bhendi (mitsara haina kuunganidzwa, asi yakarairwa zvakateerana) kana kudzokororwa kwematanho uye mharadzano zviripo muchikumbiro chekurwisa chakatumirwa pakutanga. Iyo mwero wekusimudzira traffic mune kwakadai kurwisa kunosiyana kubva pa53 kusvika 7432 nguva.
Chidzidzo chacho chakaongorora maitiro e13 CDNs: Akamai, Alibaba Cloud, Azure, CDN77, CDNsun, Cloudflare, CloudFront, Fastly, G-Core Labs, Huawei Cloud, KeyCDN, StackPath, uye Tencent Cloud.
"Nehurombo, kunyangwe isu takavatumira tsamba kakawanda uye tichiedza kubata vatengi vavo, StackPath haina kupa chero mhinduro," rakadaro boka rekutsvaga.
“Pakazara, takaita zvese zvatinogona kuti titaure zvine hungwaru nekupa mhinduro dzekudzora. "Vanoenderana nevanopa maCDN vanga vava nemwedzi inoda kusvika minomwe vachishandisa nzira dzekudzikisira gwaro iri risati raburitswa."
Ese maCDN akaongororwa akabvumidza yekutanga mhando yekurwisa pane yakanangwa server. Yechipiri vhezheni yekurwiswa kweCDN yakazoburitswa pamasevhisi matanhatu, ayo mana anogona kuita seanoratidzira mukurwisa (CDN6, CDNsun, Cloudflare uye StackPath) uye vatatu muchinzvimbo chekuseri-kumagumo (Akamai, Azure uye StackPath).
Pfuma yepamusoro inowanikwa muAkamai neStackPath, iyo inokutendera kuti uratidze zvinopfuura zviuru gumi mumusoro weRank.
Varidzi veCDN vakaziviswa nezvazvo yekusagadzikana inenge mwedzi 7 yapfuura uye panguva yekuburitswa kweruzhinji kweruzivo, gumi nemaviri kubva pagumi nemaCDN akagadzirisa matambudziko akaratidzwa kana kuratidza kuda kwavo kuagadzirisa.
mabviro: https://www.liubaojun.org