CN108886525B - 智能域名系统转发的方法和装置 - Google Patents

智能域名系统转发的方法和装置 Download PDF

Info

Publication number
CN108886525B
CN108886525B CN201780020823.2A CN201780020823A CN108886525B CN 108886525 B CN108886525 B CN 108886525B CN 201780020823 A CN201780020823 A CN 201780020823A CN 108886525 B CN108886525 B CN 108886525B
Authority
CN
China
Prior art keywords
dns
response
dns query
metadata
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201780020823.2A
Other languages
English (en)
Chinese (zh)
Other versions
CN108886525A (zh
Inventor
A·里纳瑞
E·瑞克黑特
R·吉布森
J·阿布里
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dynamic Network Services Inc
Original Assignee
Dynamic Network Services Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dynamic Network Services Inc filed Critical Dynamic Network Services Inc
Publication of CN108886525A publication Critical patent/CN108886525A/zh
Application granted granted Critical
Publication of CN108886525B publication Critical patent/CN108886525B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4552Lookup mechanisms between a plurality of directories; Synchronisation of directories, e.g. metadirectories
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/59Network arrangements, protocols or services for addressing or naming using proxies for addressing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/565Conversion or adaptation of application format or content
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • H04L67/5682Policies or rules for updating, deleting or replacing the stored data

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
CN201780020823.2A 2016-03-09 2017-03-09 智能域名系统转发的方法和装置 Active CN108886525B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201662305602P 2016-03-09 2016-03-09
US62/305,602 2016-03-09
PCT/US2017/021514 WO2017156231A1 (en) 2016-03-09 2017-03-09 Methods and apparatus for intelligent domain name system forwarding

Publications (2)

Publication Number Publication Date
CN108886525A CN108886525A (zh) 2018-11-23
CN108886525B true CN108886525B (zh) 2021-08-20

Family

ID=59790779

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780020823.2A Active CN108886525B (zh) 2016-03-09 2017-03-09 智能域名系统转发的方法和装置

Country Status (5)

Country Link
US (1) US10686751B2 (enExample)
EP (1) EP3427465B1 (enExample)
JP (1) JP6861219B2 (enExample)
CN (1) CN108886525B (enExample)
WO (1) WO2017156231A1 (enExample)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10530734B2 (en) 2014-12-16 2020-01-07 Verisign, Inc. Balancing visibility in the domain name system
US10110614B2 (en) * 2016-07-28 2018-10-23 Verisign, Inc. Strengthening integrity assurances for DNS data
CN107222492A (zh) * 2017-06-23 2017-09-29 网宿科技股份有限公司 一种dns防攻击方法、设备和系统
US10666603B2 (en) * 2017-07-13 2020-05-26 T-Mobile Usa, Inc. Optimizing routing of access to network domains via a wireless communication network
US11019083B2 (en) * 2018-06-20 2021-05-25 Cisco Technology, Inc. System for coordinating distributed website analysis
US10862854B2 (en) * 2019-05-07 2020-12-08 Bitdefender IPR Management Ltd. Systems and methods for using DNS messages to selectively collect computer forensic data
CN111953617B (zh) * 2019-05-17 2023-01-31 贵州白山云科技股份有限公司 一种负载均衡调度方法、装置、介质及设备
WO2021080283A1 (en) 2019-10-25 2021-04-29 Samsung Electronics Co., Ltd. Methods and systems for determining icn capability of a node/server
CN111917898B (zh) * 2020-07-24 2021-08-27 网宿科技股份有限公司 一种资源调度策略的调整方法及装置
US11303647B1 (en) 2021-04-22 2022-04-12 Netskope, Inc. Synthetic request injection to disambiguate bypassed login events for cloud policy enforcement
US11336698B1 (en) 2021-04-22 2022-05-17 Netskope, Inc. Synthetic request injection for cloud policy enforcement
US11178188B1 (en) 2021-04-22 2021-11-16 Netskope, Inc. Synthetic request injection to generate metadata for cloud policy enforcement
US11190550B1 (en) 2021-04-22 2021-11-30 Netskope, Inc. Synthetic request injection to improve object security posture for cloud security enforcement
US11647052B2 (en) * 2021-04-22 2023-05-09 Netskope, Inc. Synthetic request injection to retrieve expired metadata for cloud policy enforcement
WO2022226210A1 (en) * 2021-04-22 2022-10-27 Netskope, Inc. Synthetic request injection for cloud policy enforcement
US11184403B1 (en) 2021-04-23 2021-11-23 Netskope, Inc. Synthetic request injection to generate metadata at points of presence for cloud security enforcement
US11271972B1 (en) 2021-04-23 2022-03-08 Netskope, Inc. Data flow logic for synthetic request injection for cloud security enforcement
US11271973B1 (en) 2021-04-23 2022-03-08 Netskope, Inc. Synthetic request injection to retrieve object metadata for cloud policy enforcement
CN115277815B (zh) * 2021-04-30 2024-10-22 维沃移动通信有限公司 信息处理方法、装置及通信设备
US12111957B2 (en) 2021-06-08 2024-10-08 Microsoft Technology Licensing, Llc Software provenance validation
US11652782B1 (en) * 2021-11-24 2023-05-16 Oracle International Corporation Methods, systems, and computer readable media for dynamically updating domain name system (DNS) records from registered network function (NF) profile information
US11863518B2 (en) 2021-11-24 2024-01-02 Oracle International Corporation Methods, systems, and computer readable media for automatic domain name system (DNS) configuration for 5G core (5GC) network functions (NFs) using NF repository function (NRF)
CN114268605B (zh) * 2021-12-16 2023-11-24 云盾智慧安全科技有限公司 一种智能dns实现方法、装置及计算机存储介质
US11943260B2 (en) 2022-02-02 2024-03-26 Netskope, Inc. Synthetic request injection to retrieve metadata for cloud policy enforcement
US20230291738A1 (en) * 2022-03-10 2023-09-14 BunnyWay d.o.o. Method and system of dynamically returning domain name system record
US12255868B2 (en) 2022-07-11 2025-03-18 Cisco Technology, Inc. Leveraging contextual metadata communication to improve DNS security
CN115297087A (zh) * 2022-08-03 2022-11-04 中国电信股份有限公司 域名查询方法、系统、装置、设备及存储介质
US11811730B1 (en) * 2022-10-11 2023-11-07 International Business Machines Corporation Determining domain name system forwarding rules in a multi-cloud environment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1976307A (zh) * 2005-11-28 2007-06-06 日立通讯技术株式会社 Dns服务器装置
CN101841577A (zh) * 2010-06-07 2010-09-22 中兴通讯股份有限公司 一种实现域名解析代理功能的方法和装置

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002069608A2 (en) * 2001-01-16 2002-09-06 Akamai Technologies, Inc. Using virtual domain name service (dns) zones for enterprise content delivery
US7864709B2 (en) 2004-06-25 2011-01-04 Apple Inc. Method and apparatus for looking up configuration information for a network node
US7694016B2 (en) * 2007-02-07 2010-04-06 Nominum, Inc. Composite DNS zones
US8429715B2 (en) * 2008-08-08 2013-04-23 Microsoft Corporation Secure resource name resolution using a cache
US7917616B2 (en) * 2008-08-08 2011-03-29 Microsoft Corporation Secure resource name resolution
AU2009225283A1 (en) 2008-10-16 2010-05-06 David Tucker Method Of Collecting Data From Computers Over The Internet
CN101488965B (zh) * 2009-02-23 2012-02-15 中国科学院计算技术研究所 一种域名过滤系统及方法
JP2013502190A (ja) * 2009-08-20 2013-01-17 エヌイーシー ヨーロッパ リミテッド ネットワーク構造内でトラフィックを制御する方法およびネットワーク構造
US8656490B1 (en) 2010-09-14 2014-02-18 Symantec Corporation Safe and secure access to dynamic domain name systems
US8549148B2 (en) * 2010-10-15 2013-10-01 Brocade Communications Systems, Inc. Domain name system security extensions (DNSSEC) for global server load balancing
US9106699B2 (en) 2010-11-04 2015-08-11 F5 Networks, Inc. Methods for handling requests between different resource record types and systems thereof
JP5942997B2 (ja) * 2011-09-06 2016-06-29 日本電気株式会社 エージェント装置及び通信中継方法
US9231903B2 (en) * 2011-12-30 2016-01-05 Time Warner Cable Enterprises Llc System and method for resolving a DNS request using metadata
US9396330B2 (en) * 2013-05-15 2016-07-19 Citrix Systems, Inc. Systems and methods for reducing denial of service attacks against dynamically generated next secure records
US11411912B2 (en) * 2015-07-17 2022-08-09 Verisign, Inc. Methods and systems for domain name data networking
US10708226B2 (en) * 2016-01-29 2020-07-07 Verisign, Inc. Domain name resolution
US10110614B2 (en) * 2016-07-28 2018-10-23 Verisign, Inc. Strengthening integrity assurances for DNS data
US10367825B2 (en) * 2016-12-28 2019-07-30 Verisign, Inc. Method and system for parallel validation of domain name system security extension records

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1976307A (zh) * 2005-11-28 2007-06-06 日立通讯技术株式会社 Dns服务器装置
CN101841577A (zh) * 2010-06-07 2010-09-22 中兴通讯股份有限公司 一种实现域名解析代理功能的方法和装置

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IETF.Indicating Resolver Support of DNSSEC.《RFC3225》.2001, *

Also Published As

Publication number Publication date
EP3427465A1 (en) 2019-01-16
EP3427465B1 (en) 2022-03-23
WO2017156231A1 (en) 2017-09-14
US20190097965A1 (en) 2019-03-28
JP2019507994A (ja) 2019-03-22
EP3427465A4 (en) 2019-10-16
CN108886525A (zh) 2018-11-23
JP6861219B2 (ja) 2021-04-21
US10686751B2 (en) 2020-06-16

Similar Documents

Publication Publication Date Title
CN108886525B (zh) 智能域名系统转发的方法和装置
US11095711B2 (en) DNS Resolution of internal tenant-specific domain addresses in a multi-tenant computing environment
US20230216884A1 (en) Method for minimizing the risk and exposure duration of improper or hijacked dns records
CN103141074B (zh) 名称数据库服务器、名称解析系统、条目搜索方法
US8332522B2 (en) Establishing unique sessions for DNS subscribers
JP6054490B2 (ja) ネットワークにおけるコンテンツにアクセスする方法および対応するシステム
EP2933986A1 (en) Computer-implemented method, apparatus, and computer-readable medium for processing named entity queries using a cached functionality in a domain name system
EP3223497B1 (en) Systems and methods for preserving privacy of a registrant in a domain name system ("dns")
EP3135021B1 (en) Method and system for identifying network resources
US11102166B2 (en) Explicit service function chaining (SFC) using DNS extensions
WO2017161965A1 (zh) 一种动态域名系统dns重定向方法、装置及系统
Blanchet Finding the Authoritative Registration Data (RDAP) Service
US20240333680A1 (en) Management of domain name services across multiple device and software configurations
Hankins et al. Guidelines for Creating New DHCPv6 Options
JP6001512B2 (ja) 通信制御システム及び通信制御方法
JP2008206081A (ja) マルチホーミング通信システムに用いられるデータ中継装置およびデータ中継方法
CN112565305B (zh) 一种使用域名访问局域网设备的方法、系统及存储介质
Hankins et al. RFC 7227: Guidelines for Creating New DHCPv6 Options
Blanchet RFC 7484: Finding the Authoritative Registration Data (RDAP) Service
Fredriksson et al. Investigating Federated Object Naming Service as Directory Service for the Internet of Things

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant