2014/1/27

DNS support edns-client-subnet

2019/1/30日更新
有專家見解:"支援ECS的 recursive DNS resolver 可將DNS請求來源(DNS request client)的IP subnet(網段即可,不一定要精準到IP)附加到DNS query內提交給ADNS (authoritative DNS server),以便ADNS判斷最佳回應"


2018/11月就告訴我,我到今天(1/30日)才看到...
得證:夠偷懶....

 當時因為工作翻牆出來,從CDN的觀念查到這個
到今天新聞:一些google、IBM等等的DNS開始要支援EDNS
我又再度翻了一遍..





解釋:依照你來的IP,轉給目標網站,讓目標網站依照你的ISP等等,轉CDN給你資料
在台灣,這沒啥用處
在大陸,這用處可大了
不過遇到電信、聯通自己不願意公開自己DNS給別人,那也沒啥用處

來源:http://noops.me/?p=653




DNS support edns-client-subnet

作者: |   2,020 瀏覽  | 

看了2天RFC,終於讓DNS支持edns-client-subnet協議,通過google dns resolver的請求,可以獲取用戶的ip地址。
國內很多CDN和DNS提供商都已經實現了,但網上的中文資料比較少,所以在這裡分享一下,能力有限,錯誤之處還請諒解。

問題

  • CDN使用DNS獲取查詢IP,根據IP對用戶進行地域調度。但這裡獲取的IP地址是DNS地址,而不是用戶真實的IP地址。
  • 大多數情況下,我們假設用戶通過會使用離自己網絡最近的DNS resolver,CDN調度基本還是準確的。
  • 但也有很多nameserver設置錯誤,或者用戶使用google public dns(nameserver 8.8.8.8/8.8.4.4)或opendns進行DNS resolver
比如:
  1. 國內用戶設置nameserver 8.8.8.8 (dig xxx.com @8.8.8.8)
  2. 我們得到的DNS query IP是74.125.16.208,判斷IP屬於美國,,,加利福尼亞州山景市谷歌公司
  3. 這個時候,我們的DNS會返回離美國加州最近的CDN節點IP給用戶。
  4. 國內用戶錯誤的調度到美國節點…… :(

edns-client-subnet

  • google提交了一份DNS擴展協議,允許DNS resolver傳遞用戶的ip地址給authoritative DNS server.
  • CDN的DNS支持該協議,就可以獲取用戶真實的IP地址,進行準確的調度。
    图片1
  • OpenDNS和Google Public DNS已經支持了該協議,如果希望他們的query中帶有用戶IP,需要聯繫他們添加白名單。提供nameserver的hostname、ip以及可以 用來測試解析的域名即可,一般幾天就可以搞定。(註:我是晚上22:l00提交的申請,第二天10:00就已經生效了)

實現

一. 支持發送和接收edns-client-subnet的dig

  1. 先下載bind,下載地址
  2. 下載edns-client-subnet dig patch,下載地址
    下載上述2個包,將patch打進bind,編譯出dig進行測試:
注意上面的OPT PSEUDOSECTION,已經可以發送和接收edns-client-subnet請求了

二. 協議

  • DNS協議
  • DNS query會包含header和RR 2部分,這裡只介紹我們關注地方,網上可以搜到很多協議的介紹,比如這個http://archercai.blog.sohu.com/60779796.html
  • header會描述本次請求中Questions、Answer RRs、Authority RRs和Additional RRs的數量,RR部分會詳細描述每個資源的內容,所有的RR格式是相同的,如下:
  • 個人理解edns-client-subnet是對edns協議的擴展,附加在一個DNS請求的Additional RRs區域,這裡重點描述edns-client-subnet的結構
    • EDNS協議 Extension mechanisms for DNS (EDNS0):http://tools.ietf.org/html/draft-ietf-dnsind-edns0-01
  • EDNS0每個字段的結構和描述如下:
  • OPT 的值41,詳細的協議值如下:
  • RDLENGTH描述RDATAD的長度,edns-client-subnet的詳細格式存在RDATA中,如下:
  • OPTION-CODE: 2個字節
  • OPTION-LENGTH: 2個字節,描述它之後的內容長度(BYTE)
  • FAMILY: 2個字節,1表示ipv4, 2表示ipv6
  • ADDRESS: 實際存放IP地址的地方,ipv4長度為4,google發送過來的長度一般為3,隱藏了ip地址最後一位

三. 開發

完成前2個步驟,就可以開搞了,邏輯很簡單:
1. 判斷dns query是否包含Additional RRs,讀取NAME部分
2. 讀取10個字節(byte),判斷TYPE是否為41,rdlength > 8
3. 如果rdlength > 8,再讀取8個字節,對應OPTION-CODE(2)–>OPTION-LENGTH(2)–>FAMILY(2)–>SOURCE NETMASK(1)–>SCOPE NETMASK(1)
4. 讀取剩下的address,長度 rdlength – 8 或者 option-length – 4都行
註:讀取到的地址長度為4,可以用socket.inet_ntoa變成ip地址,如果不夠4個字節,需要後面補\x00
5. 獲取到的IP地址就可以用來進行判斷調度了
6. respond時也需要增加一個Additional RRs區域,直接把請求的Additional內容發過去就可以(如果支持source netmask,將請求中的source netmask複製到scope netmask中,OpenDNS要求必須支持scope netmask)

四. 抓包

  1. 發包
    • 發送dns query請求時,可以看到Questions:1, Additional RRs: 1
    • Additional RRs中,type: 41(OPT), rdlength: 12 (google發過來的包,長度為11,沒有IP地址最後一位)
    • 12 – OPTION-CODE(2) – OPTION-LENGTH(2) – FAMILY(2) – SOURCE NETMASK(1) – SCOPE NETMASK(1) = 4,IPV4 地址的大小
      图片2
  2. 回包
    • 發送dns query請求時,可以看到Questions:1, Answer RRs:1, Additional RRs: 1
      图片3

jboss 的啟動方式

轉貼自http://www.soezblog.com/plate/group/web/papermsg.jsp?UI=markcool&GI=47&CI=22&p=1&PI=967

1.前言
  在JBoss預設的情況下,JBoss可以用3種方式啟動,分別為 minimal, default 和 all。
  這3種啟動模式分別對應在 JBOSS_HOME/server 的目錄之下。
  如果按照正常的啟動模式,JBoss會啟動default的模式。不同的啟動方式,會載入不同的模組與部署檔。
2.執行JBoss
  你可以執行 JBOSS_HOME/bin/run.bat 批次檔,在預設的情況下,會部署 default 的內容。
  如果想用其它模式啟動,你可以在[捷徑]或[命令提示定元]中,執行:
  run.bat -c all    ,以 all 模式啟動。
  run.bat -c minimal  ,以 minimal 模式啟動。

以下是啟動之後的視窗。
3.部置其它的JBoss伺服器。
  一般預設為 minimal, default 和 all 三種模式,但如果自己想要自行定義
伺器。

  你可以在 JBOSS_HOME/server/ 目錄下,增加自己所定義的伺服器,
  例如,建立 JBOSS_HOME/server/self 的目錄,這樣就建立 self的伺服器名,然放入自己想部署的模組內容(假如目前並沒有自己想部署的內容,那沒有關係,我們可以先將minimal目錄下的內容,全複製到 self 的目錄下,當做是內容的部署)
  部置完畢之後,執行 run.bat -c self 就可以啟動 self的內容了
ps1.部署的內容,可以參考 minimal, default 和 all 的部署內容,當然,如果有個別的需要,就要自行調整)
ps2.JBOSS_HOME/server/self/deploy/ 是web 專案所運作的目錄,你的專案程式,就是放在這之中。

2014/1/11

what's up 抓系統error log


what's up Percent Variables,帶變數到email內



在what's up 裡面,能夠email 通知使用者有什麼錯誤
能夠帶一些相關參數,統稱Percent Variables ,列表如下


 
Percent Variables
You can customize an action's message by adding any of the variables in the following table.
Note: We do not recommend that you use percent variables in script text (Active Script Action), because they may resolve to text containing special characters (' ' (quotes), " " (double-quotes), % (percent), new line characters, and the like) that may break your script.
Active Monitor Variables
Description
%ActiveMonitor.Argument
SNMP instance number. This is only used when an action is associated directly with an active monitor, and not the device as a whole.
%ActiveMonitor.Comment
The human readable name that coincides with the network switch. This is only used when an action is associated directly with an active monitor, and not the device as a whole.
%ActiveMonitor.Name

The name of the active monitor that fired an action. This is only used when an action is associated directly with an active monitor, and not the device as a whole.
%ActiveMonitor.NetworkInterfaceAddress
IP address for the network interface. This is only used when an action is associated directly with an active monitor, and not the device as a whole.
%ActiveMonitor.Payload
The payload returned by a WMI, Exchange, SQL, SNMP or Active Script active monitor. This is only used when an action is associated directly with an active monitor and not the devices as a whole.
For Active Script Active Monitors, the payload is the text that is passed to the SetResult() method in the script.
%ActiveMonitor.State

The Current status of the monitor, such as "Down at least 5 min." This is only used when an action is associated directly with an active monitor, and not the device as a whole.

Device Variables
Description
%Device.ActiveMonitorDownNames
List of down services using the abbreviated name if available.
%Device.ActiveMonitorUpNames
Full service names of all UP monitored services on a device.
%Device.Address
IP address (from device properties).
%Device.Attribute.[Attribute Name]
Returns an attribute from the SNMP information available for the device, such as the Contact name. To specify the attribute, append the category name (listed below) to the end of the variable. For example: %Device.Attribute.Contact, returns the contact name.
Default categories:
 *. Returns all attributes
 Info1. Upgrade path from v8
 Info2. Upgrade path from v8
Contact. Contact information from SNMP
 Location. Location information from SNMP
Description. Description information from SNMP
Custom. If you have created a custom attribute you can use the name of that custom attribute in the percent variable.
Example:
%Device.Attribute.Phone
%Device.Attribute.RackPosition
To avoid an error, always place a space or line break after the attribute name.  
%Device.DatabaseID
Returns the database ID of a device.
%Device.DisplayName
Display Name (from General of device properties)
%Device.HostName
Host Name (from General of device properties)
%Device.Notes
Notes. (Notes are from the device properties Notes)
%Device.SNMPOid
SNMP Object identifier.
%Device.State
The state's description (such as "Down at least 2 min" or "Up at least 5 min")
%Device.Status
This shows the name of the active monitor, preceded by the device state id : 10|DNS
%Device.Type
Device Type (from General of device properties)

Passive Monitor Variables
Description
%PassiveMonitor.DisplayName
The name of the monitor as it appears in the Passive Monitor Library.
%PassiveMonitor.LoggedText
Detailed Event description. (SNMP traps - Returns the full SNMP trap text.) (Windows Log Entries - Returns information contained in the Windows Event Log entries.) (Syslog Entries - Returns the text contained in the Syslog message.)
%PassiveMonitor.Payload.*
Payload generated by a passive monitor.
%PassiveMonitor.Payload.EventType
The type of passive monitor (Syslog, Windows Event, or SNMP Trap)
%PassiveMonitor.Payload.LogicalSource
Shows the device's logical IP address.
%PassiveMonitor.Payload.PhysicalSource
Shows the device's physical IP address.

System Variables
Description
%System.Date
The current system date. Configure the date format in Regional Options (from Program Options)
%System.DisplayNamesDownDevices
Display names of devices with down monitors
%System.DisplayNamesDownMonitors

Shows the name of a device and each monitor that is down on that device. The format of the response is 'device name':'monitor 1','monitor 2','...'
Example: ARNOR: FTP, HTTPS, Ping
%System.DisplayNamesUpDevices
Display names of up devices
%System.DisplayNamesUpMonitors
Shows the name of a device and each monitor that is up on that device. The format of the response is 'device name':'monitor 1','monitor 2','...'
Example: ARNOR: FTP, HTTPS, Ping
%System.InstallDir
Displays the directory on which WhatsUp Gold is installed
%System.NumberofDownDevices
Number of down devices on your network
%System.NumberOfDownMonitors
Shows the number of down monitors on your network
%System.NumberofUpDevices
Number of up devices on your network
%System.NumberOfUpMonitors
Shows the number of up monitors on your network
%System.Time
The current system  time. The format is hh:mm:ss

JPA+complex key+custom Query

  來源: https://www.cnblogs.com/520playboy/p/6512592.html   整個來說,就是有複合主鍵 然後要使用  public interface XxXXxx DAO extends CrudRepository<Tc...