KR101645222B1 - Advanced domain name system and management method - Google Patents

Publication number
KR101645222B1
Authority
KR
South Korea
Prior art keywords
query
dns server
response
cache data
ttl
Prior art date
Application number
KR1020150063407A
Other languages
Korean (ko)
Inventor
이석문
이판정
배진현
Original Assignee
(주)넷피아
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)넷피아
Priority to KR1020150063407A
Application granted
Publication of KR101645222B1

Classifications

    • H04L67/2842
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H04L41/0823 Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
    • H04L41/083 Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability for increasing network speed
    • H04L61/1511

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The present invention provides an advanced domain name system comprising: a receiving unit for receiving a query from a client device; a log storage DB for recording a log of the query input to the receiving unit; a cache memory for storing query and response information including TTL (Time to Live) information as cache data; a processing unit for determining, for the query transmitted through the receiving unit, whether the cache data exists and whether the TTL is valid, and processing a response; and a query unit for updating the cache data via a query to and response from the external DNS server layer and processing a response to the client device, wherein the processing unit processes the response with the cache data when the TTL is valid, and processes a priority response with the cache data when it is not.

Description

ADVANCED DOMAIN NAME SYSTEM AND MANAGEMENT METHOD

The present invention relates to an advanced domain name system and a method of operating the same.

The DNS (Domain Name System or Domain Name Server) service is a name service mainly used in TCP/IP networks. It supports connecting to a host by converting a hierarchically structured host name into an IP address (Internet Protocol address), a numeric value that a computer can process.

A general DNS service will be described with reference to FIG. 1. When the client device 10 sends a DNS query, the local DNS server 20, acting as a proxy, transmits the query to the external DNS server layer. The DNS servers have a hierarchical structure and distribute the mappings for hosts among themselves. The external DNS server layer includes a root DNS server 30, a top-level domain (TLD) DNS server 40, and an authoritative DNS server 50.

The local DNS server 20 includes a receiving unit 21 for receiving a query, a processing unit 22, a query unit 23, a log storage DB 24, and a cache memory 25. Basically, when a query arrives from the client device 10, the receiving unit 21 receives it, stores it in the log storage DB 24, and at the same time passes it to the processing unit 22. If there is no cache data in the cache memory (140) or the TTL (time to live) is not valid, the processing unit queries the external DNS servers through the query unit 23 (181 to 186), updates the cache (190), and returns the result to the requesting client device 10 (195).

That is, the local DNS server 20 uses caching to improve delay performance and reduce the number of DNS messages in the network. When a query is received, the local DNS server 20 responds with data stored in the cache memory 25 (150, 160) without querying the external DNS servers 30, 40, 50.

However, the existing DNS service shown in FIG. 1 uses the cache memory only according to whether the TTL is valid, even though a DNS server needs to respond quickly and its data does not change easily. As a result, the response speed is slow, unnecessary traffic is generated, and normal service cannot be provided when interworking with the external DNS fails.

An object of the present invention is to provide an advanced domain name system (Advanced DNS) capable of providing a quick response even when the TTL is short.

Another object of the present invention is to provide an advanced domain name system that, by implementing a temporary DNS, can cope with internal and external failures by forwarding to the temporary DNS when a failure such as a DDoS attack occurs.

Yet another object of the present invention is to provide an advanced domain name system that stores, in addition to queries from a client device to the local DNS server, the queries to and responses from an external DNS server and the response log of the local DNS server.

According to a first aspect of the present invention, there is provided an advanced domain name system comprising: a receiving unit for receiving a query from a client device; a log storage DB for recording a log of the query input to the receiving unit; a cache memory for storing query and response information including TTL (Time to Live) information as cache data; a processing unit for determining, for the query transmitted through the receiving unit, whether the cache data exists and whether the TTL is valid, and processing a response; and a query unit for updating the cache data through a query to and response from an external DNS server layer and processing a response to the client device. The processing unit processes the response with the cache data if the TTL is valid. If the TTL is not valid, the processing unit processes a priority response with the cache data, transmits the query to the external DNS server layer through the query unit, receives the response information for the query, updates the cache data, and transmits the response information to the client device.

In an embodiment, if there is no cache data for the query, the processing unit may send the query to the external DNS server layer through the query unit, receive response information for the query, and process the response to the client device.

As an example, the external DNS server layer includes a root DNS server, a TLD DNS server, and an authoritative DNS server.

As an embodiment, the advanced domain name system interworks with a temporary DNS server that backs up and stores the logs and the cache data. When a failure occurs, the processing unit may be set to forward only some data of the identified query to the temporary DNS server in accordance with a predetermined criterion.

As an embodiment, the log storage DB may further store response information sent to the client device, query information sent to the external DNS server layer, and query information received from the external DNS server layer.

A second aspect of the present invention is a method of operating an advanced domain name system, comprising: receiving a query from a client device; recording a log for the query; storing query and response information including TTL (Time to Live) information as cache data; and processing a response by determining, for the query, whether the cache data exists and whether the TTL is valid. The processing includes: processing the response with the cache data when the TTL is valid; and, if the TTL is not valid, processing a priority response with the cache data, then transmitting the query to the external DNS server layer, receiving the response information for the query, and updating the cache data.

The present invention improves the speed of the existing DNS service by responding first with the data cached in the cache memory even when the TTL is invalid.

In addition, through the operation of the temporary DNS server, the present invention can provide normal service in the face of internal and external failures and facilitates quick recovery when a failure actually occurs.

FIG. 1 is a block diagram for explaining a conventional DNS query processing method.
FIG. 2 is a block diagram for explaining a query processing method of DNS according to an embodiment of the present invention.
FIG. 3 is a flowchart for explaining a query processing method of a DNS according to an embodiment of the present invention.
FIG. 4 is a block diagram illustrating an operation of a temporary DNS according to an embodiment of the present invention.
FIG. 5 is a flowchart illustrating an operation of a temporary DNS according to an embodiment of the present invention.
FIG. 6 is a block diagram illustrating a log storage method according to an embodiment of the present invention.
Like reference numbers in the several drawings indicate like elements.

The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which such claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.

Hereinafter, the advanced local DNS server 20 proposed by the present invention will be described with reference to FIG. 2 to FIG.

FIG. 2 is a block diagram for explaining a query processing method of DNS according to an embodiment of the present invention. The DNS service of the present invention includes a client device 10, a local DNS server 20, a root DNS server 30, a TLD DNS server 40 and an authoritative DNS server 50, and the local DNS server 20 includes a receiving unit 21, a processing unit 22, a query unit 23, a log storage DB 24, and a cache memory 25. In addition to the components shown, the local DNS server 20 may include other components for service implementation. The illustrated components 21, 22, 23, 24, 25 are shown as separate, but these elements can also be implemented in an integrated form.

The client device 10 is a device with which an Internet user sends a host name query to the local DNS server 20. It may be any of a variety of digital computers such as a laptop, desktop, workstation, or other suitable computer; a mobile device such as a personal digital assistant (PDA), cellular phone, or smart phone; or another communication-capable digital device such as an IPTV using Internet protocols.

The local DNS server 20 is a server that delivers a query received from the client device 10 to the external DNS server layer 30, 40, 50. The local DNS server 20 includes: a receiving unit 21 for receiving a query; a log storage DB 24; a processing unit 22 that reads the cache memory for the received query to retrieve the data to respond with, or requests it from the external DNS servers 30, 40, 50 via the query unit 23 when there is no valid data; a query unit 23 for sending a query to the external DNS servers 30, 40, 50 and receiving response data; and a cache memory 25 for storing host name and IP address pairs.

When a query is received from the client device 10 (210, 220), the processing unit 22 of the local DNS server 20 checks the data cached in the cache memory 25 through validation (TTL check). Here, a resource record (RR) that maps a host name to an IP address is stored with fields such as (Name, Value, Type, TTL). The TTL (time to live) determines how long the record is kept in the cache.

If the TTL check is valid (valid time remains), the processing unit 22 extracts the data stored in the cache memory 25 and responds immediately (240, 250, 260). Even if the TTL of the data in the cache memory 25 is not valid, the processing unit 22 first processes a priority response to the client device 10 using the cached data, and internally queries the external DNS servers (30, 40, 50) and updates the cache data (270, 280, 290). A conventional local DNS server, when the cache data fails the TTL check, treats it as contaminated data and does not use it; it obtains the data through an external query, updates the cache memory, and only then responds. The local DNS server 20 of the present invention responds before the external query even when the TTL is not valid, and then updates the cache memory internally. Through this process, the present invention can respond quickly (for example, even when the TTL is short) and can provide normal service even when interworking with the external DNS server fails.

FIG. 3 is a flowchart for explaining a query processing method of a DNS according to an embodiment of the present invention. The local DNS server 20 receives a query from the client device 10 (step 310). The processing unit 22 checks whether cache data exists in the cache memory 25 and whether the TTL is valid (steps 320 and 330). Steps 320 and 330 are shown as sequential, but they may be performed simultaneously or within a very short time of each other, and may be performed in a different order.

If cache data exists in step 320, it is checked whether the TTL is valid. If it is valid, the response is processed with the data stored in the cache memory 25 (step 390). If there is no cache data when the cache memory is accessed, a response is obtained from the external DNS server via the query unit 23, the cache memory is updated, and a response is transmitted to the client device 10 (steps 350 to 380).

If there is cache data but the TTL is not valid, the existing DNS server processed the response through an external query. The local DNS server 20 of the present invention instead processes a priority response with the data stored in the cache memory 25, which enables a rapid response (step 340). Thereafter, the local DNS server 20 internally queries the external DNS server via the query unit 23, updates the cache memory with the received data, and sends a result response (steps 350 to 380).

As described above, the local DNS server 20 of the present invention improves the speed of the existing DNS service by responding first with the data cached in the cache memory even when the TTL is invalid.
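The three branches of FIG. 3 (valid TTL, expired TTL answered first from cache, no cache data) can be sketched as follows. This is an added example, not code from the patent: the class and method names, the deferred `refresh_pending()` call standing in for the internal update, and the `max_stale` bound on how long expired data may still be served are assumptions.

```python
import time
from dataclasses import dataclass


@dataclass
class Entry:
    value: str        # e.g. the address from an A record
    ttl: int          # TTL of the upstream answer, in seconds
    stored_at: float  # clock reading when the entry was cached


class LocalResolver:
    """Query handling of FIG. 3: valid hit, expired hit (answer first), miss."""

    def __init__(self, upstream, clock=time.monotonic, max_stale=86400):
        self.upstream = upstream    # callable(name) -> (value, ttl); raises OSError on failure
        self.clock = clock
        self.max_stale = max_stale  # assumption, not in the patent: cap on serving expired data
        self.cache = {}
        self.pending_refresh = []   # names answered from expired data, awaiting update

    def _store(self, name, value, ttl):
        self.cache[name] = Entry(value, ttl, self.clock())

    def resolve(self, name):
        """Return (value, source); source is 'cache', 'stale' or 'upstream'."""
        name = name.lower().rstrip(".")
        entry = self.cache.get(name)
        if entry is not None:
            age = self.clock() - entry.stored_at
            if age < entry.ttl:
                return entry.value, "cache"        # step 390: TTL valid
            if age - entry.ttl <= self.max_stale:
                if name not in self.pending_refresh:
                    self.pending_refresh.append(name)
                return entry.value, "stale"        # step 340: priority response
            del self.cache[name]                   # expired beyond the cap: treat as a miss
        value, ttl = self.upstream(name)           # steps 350-380: no usable cache data
        self._store(name, value, ttl)
        return value, "upstream"

    def refresh_pending(self):
        """Steps 350-380 after a priority response: re-query and update the cache.
        A real server would run this in the background right after answering.
        Returns the names that could not be refreshed."""
        failed = []
        for name in self.pending_refresh:
            try:
                value, ttl = self.upstream(name)
            except OSError:
                failed.append(name)  # expired entry is kept, so service continues
                continue
            self._store(name, value, ttl)
        self.pending_refresh = failed
        return failed


def demo():
    """Constructed scenario: record changes upstream, then upstream goes down."""
    now, up_ok, calls = [0.0], [True], []
    zone = {"www.example.test": ("192.0.2.10", 30)}  # constructed data

    def upstream(name):
        calls.append(name)
        if not up_ok[0]:
            raise OSError("upstream unreachable")
        return zone[name]

    r = LocalResolver(upstream, clock=lambda: now[0], max_stale=3600)
    out = [r.resolve("www.example.test")]            # miss: external query
    now[0] = 10
    out.append(r.resolve("www.example.test"))        # TTL valid
    now[0] = 45
    zone["www.example.test"] = ("192.0.2.20", 30)    # owner changed the record
    out.append(r.resolve("www.example.test"))        # expired: old address sent first
    r.refresh_pending()
    out.append(r.resolve("www.example.test"))        # cache now holds the new address
    now[0], up_ok[0] = 100, False
    out.append(r.resolve("www.example.test"))        # expired and upstream is down
    failed = r.refresh_pending()
    return out, failed, len(calls)
```

The third result shows the cost of answering first: the client receives the address the owner has already replaced, and keeps receiving expired data for as long as refreshes fail, which is why the sketch bounds that period with `max_stale`.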

FIG. 4 is a block diagram illustrating an operation of a temporary DNS according to an embodiment of the present invention. The present invention proposes constructing and operating a temporary DNS server to improve on the existing local DNS server. In the figure, the local DNS server 20 and the temporary DNS server 60 are shown as operated separately, but they can also be implemented in an integrated form.

First, with the existing local DNS server, when a failure such as a DDoS (Distributed Denial of Service) attack occurs, normal service is interrupted and quick recovery is difficult.

To solve this problem, the present invention can construct a temporary DNS server 60. The temporary DNS server 60 functions as a database that stores the log and/or cache memory contents of the existing local DNS server 20, and stores all data in memory.

For example, when a DDoS attack using random strings (e.g., [random string].www.naver.com) is received, both the local DNS server and the external DNS server layer are overloaded. In this case, only the domain name excluding the random string (www.naver.com) is forwarded to the temporary DNS server 60, so that the log and the cache memory stored in the temporary DNS server 60 are protected. The local DNS server 20 forwards to the temporary DNS server 60 for the log storage DB 24 and the cache memory 25 so that normal service can continue.

In the present embodiment, the temporary DNS server 60 acts as a database: it normally stores all logs and cache memory of the local DNS server 20, and when a failure occurs it stores only some domain names (e.g., domain names excluding the random string).

In one embodiment, the local DNS server 20 is configured, in the event of a failure, to record the log and the cache memory in the temporary DNS server 60 and to read from it to perform the DNS service.

Through the operation of the temporary DNS server 60, the present invention can provide normal service in the face of internal and external failures and facilitates quick recovery when a failure actually occurs.

FIG. 5 is a flowchart illustrating an operation of the temporary DNS server 60 according to an embodiment of the present invention. When the local DNS server 20 receives a query from the client device 10 (step 510), it determines whether a failure has occurred (step 520). For example, a failure can be judged to have occurred when traffic exceeding the usual reference traffic is generated.

In the normal case where no failure has occurred, the local DNS server 20 performs the normal service and backs up the log and the cache memory to the temporary DNS server 60 (step 530). For example, the backup can be performed once a day.

When a failure occurs, the local DNS server 20 may forward only selected data of the query (for example, the domain name excluding the random string) to the temporary DNS server 60 and update the temporary DNS server (steps 540 and 550).

As an example, when a failure occurs, the selected data may be stored as a log and as cache data, and updated, in the temporary DNS server 60 without using the log storage DB and the cache memory of the local DNS server 20.

As another embodiment, in the event of a failure, the log storage DB and the cache memory of the local DNS server 20 may be used to store and update the log and cache data of the selected data in the temporary DNS server 60.

This method of operating the temporary DNS server protects the temporary DNS server even in the event of a failure, and enables normal service and quick recovery of the local DNS server.
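A sketch of steps 520 to 550, as an added example that is not code from the patent. The patent leaves the "predetermined criterion" open; the assumptions here are that a failure means the query rate over a sliding window exceeds the reference rate, and that the name to forward is the longest suffix of the query name already present in the backed-up cache. The class name, action labels and sample names are hypothetical.

```python
from collections import Counter, deque


class FailureModeForwarder:
    """Decide per query whether to serve normally or forward a reduced name."""

    def __init__(self, known_names, reference_qps, window=1.0):
        # Names present in the log/cache backup held by the temporary DNS server.
        self.known = {self._norm(n) for n in known_names}
        self.reference_qps = reference_qps  # "usual reference traffic" of step 520
        self.window = window                # seconds over which the rate is measured
        self.arrivals = deque()
        self.stripped = Counter()           # base name -> queries that had a prefix removed

    @staticmethod
    def _norm(name):
        return name.lower().rstrip(".")

    def in_failure(self, now):
        """Step 520: failure when the rate in the window exceeds the reference."""
        while self.arrivals and now - self.arrivals[0] > self.window:
            self.arrivals.popleft()
        return len(self.arrivals) / self.window > self.reference_qps

    def known_suffix(self, qname):
        """Longest suffix of qname found in the backup, or None."""
        labels = self._norm(qname).split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in self.known:
                return candidate
        return None

    def handle(self, qname, now):
        """Return (action, name) for one incoming query."""
        self.arrivals.append(now)
        if not self.in_failure(now):
            return ("normal", self._norm(qname))        # normal service, backup per step 530
        base = self.known_suffix(qname)
        if base is None:
            return ("not_forwarded", None)              # nothing selectable in this query
        if base != self._norm(qname):
            self.stripped[base] += 1                    # a random-looking prefix was removed
        return ("forward_to_temporary", base)           # steps 540-550


def demo():
    fwd = FailureModeForwarder(["www.example.test", "mail.example.test"], reference_qps=5)
    results = [fwd.handle("www.example.test", 0.0), fwd.handle("mail.example.test", 0.5)]
    # Constructed burst: ten queries in 90 ms, each with a different random-looking label.
    prefixes = ["k3x9", "q7zt", "m2vd", "h8rw", "b5np", "y1cs", "t6gj", "e4la", "u0fi", "z9ok"]
    for i, p in enumerate(prefixes):
        results.append(fwd.handle(f"{p}.www.example.test", 2.0 + i * 0.01))
    results.append(fwd.handle("x1.unknown.test", 2.10))
    return results, dict(fwd.stripped)
```

Because every distinct prefix collapses to the same base name, the temporary server's cache and log grow by one entry rather than one per query, and the `stripped` counter tells the operator which domain the burst is aimed at.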

FIG. 6 is a block diagram illustrating a log storage method according to an embodiment of the present invention. The data flowing into and out of the local DNS server 20 consists of data 610 going out to the client device, data 620 coming in from the external DNS server 90, data 630 going out to the external DNS server 90, and data 640 coming in from the client device. In general, the local DNS server 20 logs only the data 640 received from the client device, and can generate and provide statistics on user queries based on the logged data. The log includes the time, the requesting client information (ID, port), and the request query information (domain, class, type). However, when only the data 640 coming in from the client device is logged, it is difficult to identify the error when a failure occurs.

To solve this problem, the present invention proposes that the local DNS server 20 also store logs of the data 610 sent to the client device, the data 620 received from the external DNS server 90, and the data 630 sent to the external DNS server 90.

Specifically, the present invention analyzes and processes packets at the network level using a log storage program. That is, the packets flowing between the client device 10 and the local DNS server 20 and the packets flowing between the local DNS server 20 and the external DNS server 90 are recorded, and the recorded packets are analyzed in more detail.

For example, an unusual DNS packet created at an L4 device to determine whether the server is running is captured at the network level but does not reach the DNS program. Since the log storage program of the present invention stores packets at the network end, the operation can be confirmed from the log even when the packet does not reach the DNS program, as in this example.

As described above, when all data flowing between the client device 10, the local DNS server 20 and the external DNS server 90 is logged, the operation time (i.e., response time) of the DNS server can be checked, and problems are easier to resolve because it can be confirmed whether a normal response was given and whether an external query was answered. In addition, by analyzing the four types of logs, the cache usage rate and the externally dependent domains can be checked from the domains queried externally, and problem domains and the rate of normal service success can be checked from the response codes.
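The checks listed above can be run over the four log types once they are correlated. This is an added example, not the patent's log storage program: the text log format, the direction labels (`client_in` for data 640, `client_out` for 610, `ext_out` for 630, `ext_in` for 620) and the sample records are constructed for illustration.

```python
from collections import Counter

# Constructed sample; fields: time direction peer id qname [rcode]
SAMPLE_LOG = """\
0.000 client_in  198.51.100.7:5301 1001 www.example.test
0.001 client_out 198.51.100.7:5301 1001 www.example.test NOERROR
0.100 client_in  198.51.100.8:5302 2001 shop.example.test
0.101 ext_out    203.0.113.53:53   7001 shop.example.test
0.140 ext_in     203.0.113.53:53   7001 shop.example.test NOERROR
0.141 client_out 198.51.100.8:5302 2001 shop.example.test NOERROR
0.200 client_in  198.51.100.9:5303 3001 gone.example.test
0.201 ext_out    203.0.113.53:53   7002 gone.example.test
0.230 ext_in     203.0.113.53:53   7002 gone.example.test NXDOMAIN
0.231 client_out 198.51.100.9:5303 3001 gone.example.test NXDOMAIN
0.300 client_in  198.51.100.7:5304 1002 slow.example.test
0.301 ext_out    203.0.113.53:53   7003 slow.example.test
"""


def parse(log_text):
    """Turn log lines into records; timestamps become integer milliseconds."""
    records = []
    for line in log_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        records.append({
            "ms": int(round(float(fields[0]) * 1000)),
            "dir": fields[1], "peer": fields[2], "id": int(fields[3]),
            "qname": fields[4].lower(),
            "rcode": fields[5] if len(fields) > 5 else None,
        })
    return records


def analyze(records):
    """Correlate queries with responses on (peer, id, qname) in both directions."""
    def key(r):
        return (r["peer"], r["id"], r["qname"])

    by_dir = {d: [r for r in records if r["dir"] == d]
              for d in ("client_in", "client_out", "ext_out", "ext_in")}
    answers = {key(r): r for r in by_dir["client_out"]}
    ext_answered = {key(r) for r in by_dir["ext_in"]}

    latency_ms, unanswered, from_cache = [], [], 0
    for q in by_dir["client_in"]:
        a = answers.get(key(q))
        if a is None:
            unanswered.append(q["qname"])      # query came in, nothing went back out
            continue
        latency_ms.append((q["qname"], a["ms"] - q["ms"]))
        # Answered from cache if no external query for this name was sent before
        # the response left; a refresh sent after a priority response counts as cache.
        went_out = any(e["qname"] == q["qname"] and q["ms"] <= e["ms"] <= a["ms"]
                       for e in by_dir["ext_out"])
        if not went_out:
            from_cache += 1

    responses = by_dir["client_out"]
    ok = sum(1 for r in responses if r["rcode"] == "NOERROR")
    return {
        "latency_ms": latency_ms,
        "unanswered_client_queries": unanswered,
        "unanswered_external_queries":
            [r["qname"] for r in by_dir["ext_out"] if key(r) not in ext_answered],
        "cache_usage_rate": from_cache / len(latency_ms) if latency_ms else 0.0,
        "external_query_domains": Counter(r["qname"] for r in by_dir["ext_out"]),
        "success_rate": ok / len(responses) if responses else 0.0,
        "problem_domains": {r["qname"]: r["rcode"] for r in responses
                            if r["rcode"] != "NOERROR"},
    }
```

With only the client-side query log (data 640), the last query in the sample would look like any other; the outgoing external query with no matching reply is what locates the fault upstream.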

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments.

In addition, although specific terms are used herein, they are used only for the purpose of describing the present invention and not to limit the scope of the present invention described in the claims. Therefore, the scope of the present invention should not be limited to the above-described embodiments, but should be determined by the following claims and their equivalents.

10: Client device
20: Local DNS server
30: Root DNS server
40: TLD DNS server
50: Authoritative DNS server

Claims (12)

1. A receiving unit for receiving a query from a client device;
A log storage DB for recording a log of the query input to the receiving unit;
A cache memory for storing query and response information including TTL (Time to Live) information as cache data;
A processing unit for determining whether the cache data exists and whether the TTL is valid for the query transmitted through the receiving unit and processing a response; and
A query unit for updating the cache data via a query and response to an external DNS server layer and processing a response to the client device,
Wherein the processing unit processes a response with the cache data when the TTL is valid and processes a priority response with the cache data when the TTL is invalid,
Wherein the processing unit is configured to forward only some data of the identified query to a temporary DNS server according to a predetermined criterion when a failure occurs,
Wherein the temporary DNS server performs a role of a database to store all the logs of the local DNS server and cache memory, and only stores some domain names when a failure occurs.

2. The advanced domain name system according to claim 1,
Wherein the processing unit processes the priority response when the TTL is not valid, then transmits the query to the external DNS server layer through the query unit, receives response information for the query, and updates the cache data.

3. The advanced domain name system according to claim 1,
Which interworks with the temporary DNS server to back up and store the log and the cache data.

4. (Deleted)

5. The advanced domain name system according to claim 1,
Wherein the log storage DB further stores response information to be transmitted to the client device, query information to be sent to the external DNS server layer, and query information to be imported from the external DNS server layer.

6. The advanced domain name system according to claim 5,
Further comprising a log storage program,
Wherein packets of the response information sent to the client device, the query information sent to the external DNS server layer, and the query information received from the external DNS server layer are further stored at the network end through the log storage program.

7. As an operation method of an advanced domain name system,
Receiving a query from a client device;
Recording a log for the query;
Storing query and response information including TTL (Time to Live) information as cache data; and
Determining whether the cache data exists and whether the TTL is valid for the query, and processing a response;
Wherein the processing comprises: processing a response with the cache data if the TTL is valid; processing a priority response with the cache data if the TTL is not valid;
Wherein the processing step comprises the step of setting only the partial data of the query identified according to a predetermined criterion in case of a failure to be forwarded to the temporary DNS server for storage,
Wherein the temporary DNS server performs a role of a database to store all logs of the local DNS server and cache memory, and stores only some domain names when a failure occurs.

8. The method of claim 7,
Wherein the processing step comprises processing the priority response and sending the query to an external DNS server layer when the TTL is not valid, and receiving the response information for the query to update the cache data.

9. The method of claim 7,
Further comprising backing up and storing the log and the cache data in the temporary DNS server in association with the temporary DNS server.

10. (Deleted)

11. The method of claim 7,
Wherein the step of recording the log further stores response information sent to the client device, query information sent to the external DNS server layer, and query information received from the external DNS server layer.

12. The method of claim 11,
Wherein the recording of the log further stores, at the network end, packets of the response information flowing out to the client device, the query information issued to the external DNS server layer, and the query information received from the external DNS server layer.
KR1020150063407A 2015-05-06 2015-05-06 Advanced domain name system and management method KR101645222B1 (en)

Publications (1)

Publication Number Publication Date
KR101645222B1 (en) 2016-08-12

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant