KR101645222B1 - Advanced domain name system and management method - Google Patents
Publication number: KR101645222B1 (application KR1020150063407A)
Authority: KR (South Korea)
Prior art keywords: query, dns server, response, cache data, ttl
Classifications:
- H04L67/2842
- H04L41/06: Management of faults, events, alarms or notifications (under H04L41/00, Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks)
- H04L41/083: Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability, for increasing network speed (under H04L41/08, H04L41/0803, H04L41/0823)
- H04L61/1511
Abstract
The present invention provides an advanced domain name system comprising: a receiving unit for receiving a query from a client device; a log storage DB for recording a log of the query input to the receiving unit; a cache memory for storing query and response information, including TTL (Time to Live) information, as cache data; a processing unit for determining whether cache data exists for the query transmitted through the receiving unit and whether its TTL is valid, and processing a response; and a query unit for updating the cache data via a query to and response from the external DNS server layer and processing a response to the client device. The processing unit processes the response with the cache data when the TTL is valid, and processes a priority response with the cache data when it is not.
Description
The present invention relates to an advanced domain name system and a method of operating the same.
DNS (Domain Name System, or Domain Name Server) is a name service used mainly on TCP/IP networks. It converts a hierarchically structured host name into the numeric IP address (Internet Protocol address) that a computer can process, so that a client can connect to a host by name.
Referring to FIG. 1, a general DNS service will be described. When the
On the other hand, the
That is, the
However, because the existing DNS service shown in FIG. 1 uses the cache memory only while the TTL is valid, its response is slow and it generates unnecessary traffic, even though a DNS server needs to respond quickly and its data rarely changes. In addition, normal service cannot be provided when a failure occurs in interworking with the external DNS.
An object of the present invention is to provide an advanced domain name system (Advanced DNS) capable of providing a quick response even when the TTL is short.
Another object of the present invention is to provide an advanced domain name system capable of coping with internal and external failures by implementing a temporary DNS and forwarding to it in the event of a failure such as a DDoS attack.
Yet another object of the present invention is to provide an advanced domain name system that stores, in addition to the query from a client device to the local DNS server, the query to and response from the external DNS server and the response log of the local DNS server.
According to a first aspect of the present invention, there is provided an advanced domain name system comprising: a receiver for receiving a query from a client device; a log storage DB for recording a log of the query input to the receiver; a cache memory for storing query and response information, including TTL (Time to Live) information, as cache data; a processing unit for determining, for the query transmitted through the receiver, whether cache data exists and whether its TTL is valid, and processing a response; and a query unit for updating the cache data through a query to and response from an external DNS server layer and processing a response to the client device. The processing unit processes the response with the cache data if the TTL is valid. If the TTL is not valid, it first processes a priority response with the existing cache data, then transmits the query to the external DNS server layer through the query unit, receives the response information for the query, updates the cache data, and transmits the response information to the client device.
In an embodiment, if there is no cache data for the query, the processing unit sends the query to the external DNS server layer through the query unit, receives response information for the query, and processes the response to the client device.
As an example, the external DNS server layer includes a root DNS server, a TLD DNS server, and an Authority DNS server.
As an embodiment, the Advanced Domain Name System interfaces with the temporary DNS server that backs up and stores the logs and the cache data. The processing unit may set to forward only some data of the identified query to the temporary DNS server in accordance with a predetermined criterion when a failure occurs.
As an embodiment, the log storage DB may further store response information sent to the client device, query information sent to the external DNS server layer, and query information received from the external DNS server layer.
A second aspect of the present invention is a method of operating an advanced domain name system, comprising: receiving a query from a client device; recording a log of the query; storing query and response information, including TTL (Time to Live) information, as cache data; and processing a response by determining whether cache data exists for the query and whether its TTL is valid. The processing includes processing the response with the cache data when the TTL is valid and, if the TTL is not valid, processing a priority response with the cache data, then transmitting the query to the external DNS server layer, receiving the response information for the query, and updating the cache data.
The present invention has an effect of improving the speed of the existing DNS service by implementing the first response using the data cached in the cache memory even when the TTL is invalid.
In addition, through the operation of the temporary DNS server of the present invention, the present invention is capable of normal service in response to an internal failure and an external failure, and has an effect of facilitating quick recovery in the event of actual failure.
FIG. 1 is a block diagram for explaining a conventional DNS query processing method.
FIG. 2 is a block diagram for explaining a query processing method of a DNS according to an embodiment of the present invention.
FIG. 3 is a flowchart for explaining a query processing method of a DNS according to an embodiment of the present invention.
FIG. 4 is a block diagram illustrating an operation of a temporary DNS according to an embodiment of the present invention.
FIG. 5 is a flowchart illustrating an operation of a temporary DNS according to an embodiment of the present invention.
FIG. 6 is a block diagram illustrating a log storage method according to an embodiment of the present invention.
Like reference numbers in the several drawings indicate like elements.
The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which such claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.
Hereinafter, the advanced
FIG. 2 is a block diagram for explaining a query processing method of a DNS according to an embodiment of the present invention. The DNS service of the present invention includes a
The
The
When a query is received from the client device 10 (210, 220), the
The
FIG. 3 is a flowchart for explaining a query processing method of a DNS according to an embodiment of the present invention. The
In
If there is cache data but the TTL is not valid, the existing DNS server processes the response through an external query. However, the
As described above, even when the TTL is invalid, the
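The three cases of the processing unit (valid TTL: answer from cache; expired TTL: "priority response" from the stale cache data and then a refresh from the external DNS server layer; no cache data: query upstream first), described in the first aspect above and again for FIG. 3, as an added worked example. This is illustrative code written for this page, not code from the patent or its assignee. The upstream callable, the injectable clock and the `MAX_STALE_SECONDS` cap are assumptions: the patent sets no bound on how long expired data may be served, and without one a changed or revoked record would keep being handed out for as long as the upstream stays unreachable.

```python
import time
from dataclasses import dataclass

# Assumption (not in the patent): an upper bound on how long an entry whose
# TTL has expired may still be served as a "priority response".
MAX_STALE_SECONDS = 3600


@dataclass
class CacheEntry:
    rdata: list        # answer data, e.g. a list of IP address strings
    ttl: int           # TTL (seconds) carried in the upstream response
    stored_at: float   # clock value when the entry was written

    def ttl_valid(self, now):
        return now - self.stored_at < self.ttl

    def stale_for(self, now):
        """Seconds elapsed since the TTL ran out (negative while still valid)."""
        return now - self.stored_at - self.ttl


class AdvancedDns:
    """Local resolver with the three cases of the patent's processing unit.

    upstream: callable(name) -> (rdata, ttl); stands in for the query unit
              talking to the root/TLD/authoritative layer.
    clock:    callable() -> seconds; injectable so a test can move time.
    """

    def __init__(self, upstream, clock=time.time):
        self.upstream = upstream
        self.clock = clock
        self.cache = {}       # name -> CacheEntry
        self.log = []         # stand-in for the log storage DB
        self.pending = []     # names whose refresh is deferred until after reply

    def resolve(self, name):
        now = self.clock()
        entry = self.cache.get(name)
        if entry is None:
            # No cache data: the query must go upstream before we can answer.
            self.log.append(("miss", name))
            return self._refresh(name)
        if entry.ttl_valid(now):
            self.log.append(("hit", name))
            return entry.rdata
        if entry.stale_for(now) > MAX_STALE_SECONDS:
            # Past the stale cap: treat like a miss rather than keep serving it.
            self.log.append(("stale-too-old", name))
            del self.cache[name]
            return self._refresh(name)
        # TTL expired but within the cap: answer from cache first ("priority
        # response") and queue the upstream refresh, coalescing duplicates.
        self.log.append(("stale-priority", name))
        if name not in self.pending:
            self.pending.append(name)
        return entry.rdata

    def run_refresh(self):
        """Drain deferred refreshes; a real server would do this on a worker
        thread right after the client response has been written."""
        names, self.pending = self.pending, []
        for name in names:
            self._refresh(name)
        return len(names)

    def _refresh(self, name):
        rdata, ttl = self.upstream(name)
        self.cache[name] = CacheEntry(rdata, ttl, self.clock())
        self.log.append(("upstream", name))
        return rdata


if __name__ == "__main__":
    # Constructed demo: a fake upstream whose answer changes between calls.
    answers = {"www.naver.com": (["192.0.2.1"], 30)}
    clock = [1000.0]
    dns = AdvancedDns(lambda n: answers[n], clock=lambda: clock[0])
    print(dns.resolve("www.naver.com"))     # miss -> upstream
    clock[0] += 35                          # TTL of 30 s has expired
    answers["www.naver.com"] = (["192.0.2.2"], 30)
    print(dns.resolve("www.naver.com"))     # stale priority response: old data
    dns.run_refresh()
    print(dns.resolve("www.naver.com"))     # refreshed: new data
```

The deferred refresh is what makes the "priority response" fast: the client is answered from the cache without waiting on the root, TLD and authoritative servers, and duplicate refreshes for one name are coalesced so a burst of queries for an expired name does not become a burst of upstream queries.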
FIG. 4 is a block diagram illustrating an operation of a temporary DNS according to an embodiment of the present invention. The present invention proposes a technique for constructing and operating a temporary DNS server to improve an existing local DNS server. In the figure, the
First, the existing local DNS server has a problem that when a failure occurs such as a DDoS (Distributed Denial of Service) attack, normal service is interrupted and it is difficult to quickly recover it.
In order to solve this problem, the present invention can construct a temporary DNS server (60). The
For example, when a DDoS attack is received in which a random string is prepended to a domain name (e.g., queries of the form &lt;random string&gt;.www.naver.com), both the local DNS server and the external DNS server layer are overloaded. At this time, only the domain name with the random string removed (www.naver.com) is forwarded to the
In the present embodiment, the
In one embodiment, the
Through the operation of the
FIG. 5 is a flowchart illustrating an operation of the
In the normal case where the failure does not occur, the
When a failure occurs, the
As an example, when a failure occurs, data selected by the
As another embodiment, it is possible to use a log storage DB and a cache memory of the
This temporary DNS server operation method can protect the temporary DNS server even in the event of a failure, and enables normal service and quick recovery of the local DNS server.
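The forwarding rule sketched for the random-subdomain DDoS case above (forward only www.naver.com, not &lt;random string&gt;.www.naver.com) and the two modes of FIG. 5 (normal: back up all logs and cache data to the temporary DNS server; failure: forward only selected domain names), as an added worked example. This is illustrative code written for this page, not code from the patent or its assignee. The "predetermined criterion" is not specified in the text; the assumption here is that a query is reduced to its longest suffix that was already present in the local cache or log before the failure, and that queries with no such suffix are dropped instead of being passed to the temporary server.

```python
from collections import Counter


def normalize(name):
    """Lower-case a DNS name and drop the trailing dot."""
    return name.rstrip(".").lower()


def parent_names(name):
    """Yield the name and each parent obtained by dropping leftmost labels:
    a.b.www.naver.com -> a.b.www.naver.com, b.www.naver.com, www.naver.com, ..."""
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])


class TemporaryDnsForwarder:
    """Decides what the local DNS server hands to the temporary DNS server.

    known_names: names present in the local cache/log before the failure.
    This set is the assumed 'predetermined criterion': a query is reduced to
    its longest known suffix, so the random leftmost label of a
    random.www.naver.com flood is stripped and only www.naver.com is kept.
    """

    def __init__(self, known_names):
        self.known = {normalize(n) for n in known_names}
        self.forwarded = Counter()   # base name -> how many queries it absorbed
        self.dropped = Counter()     # reason -> count

    def reduce(self, name):
        for candidate in parent_names(name):
            if candidate in self.known:
                return candidate
        return None

    def select_for_forwarding(self, queried_names):
        """Failure mode: return the distinct reduced names to forward, in
        first-seen order; queries with no known suffix are dropped rather than
        passed through to the temporary server."""
        out, seen = [], set()
        for q in queried_names:
            base = self.reduce(q)
            if base is None:
                self.dropped["no-known-suffix"] += 1
                continue
            self.forwarded[base] += 1
            if base not in seen:
                seen.add(base)
                out.append(base)
        return out

    def route(self, records, failure):
        """Normal mode: every log/cache record is backed up to the temporary
        server. Failure mode: only the reduced domain names go across."""
        if not failure:
            return list(records)
        return self.select_for_forwarding(records)


if __name__ == "__main__":
    # Constructed flood: random labels prepended to a real name, plus noise.
    flood = ["a8f3k2zq.www.naver.com", "q9zt1lpa.www.naver.com",
             "www.naver.com", "mail.naver.com", "zz.evil.example"]
    fwd = TemporaryDnsForwarder(["www.naver.com", "mail.naver.com"])
    print(fwd.route(flood, failure=True))   # ['www.naver.com', 'mail.naver.com']
    print(dict(fwd.forwarded), dict(fwd.dropped))
```

The counters are worth keeping: `forwarded` shows which base names the flood collapsed onto, and `dropped` shows how much of the attack never reached the temporary server at all, which is the point of stripping the random label before forwarding.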
FIG. 6 is a block diagram illustrating a log storage method according to an embodiment of the present invention. The data type that flows into and out of the
In order to solve such a problem, the present invention is characterized in that the
Specifically, the present invention analyzes and processes a packet at a network level using a log storage program. That is, packets recorded in and out of the
For example, a non-standard DNS packet that an L4 device sends to determine whether the server is running is captured at the network level but never reaches the DNS program. Because the log storage program of the present invention stores packets at the network end, log operation can be confirmed even for packets that do not reach the DNS program, as in this example.
As described above, in the case where all the data logs flowing between the
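The distinction drawn above between logging at the network end and logging inside the DNS program, as an added worked example: a minimal DNS query parser plus a logger that records every datagram on the socket, so that a datagram the resolver itself would discard (here, a constructed two-byte L4 health probe and a query truncated in transit) still appears in the log. This is illustrative code written for this page, not the patent's log storage program; the packet layouts follow the standard DNS header and question format, and the sample packets are constructed inline.

```python
import struct


def build_query(name, qtype=1, txid=0x1234):
    """Build a minimal standard DNS query (QR=0, RD=1, one question)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.strip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)


def parse_name(data, offset):
    """Decode an uncompressed QNAME starting at offset; return (name, next offset)."""
    labels = []
    while True:
        if offset >= len(data):
            raise ValueError("truncated name")
        length = data[offset]
        if length == 0:
            return ".".join(labels), offset + 1
        if length & 0xC0:
            raise ValueError("compression pointer in question name")
        offset += 1
        labels.append(data[offset:offset + length].decode("ascii", "replace"))
        offset += length


def parse_query(data):
    """Parse the header and single question of a DNS query; raise ValueError
    on anything a DNS server would refuse or silently discard."""
    if len(data) < 12:
        raise ValueError("short header (%d bytes)" % len(data))
    txid, flags, qdcount, _, _, _ = struct.unpack("!HHHHHH", data[:12])
    if flags & 0x8000:
        raise ValueError("QR bit set: not a query")
    if qdcount != 1:
        raise ValueError("QDCOUNT %d, expected 1" % qdcount)
    name, off = parse_name(data, 12)
    if off + 4 > len(data):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", data[off:off + 4])
    return {"id": txid, "name": name, "qtype": qtype, "qclass": qclass}


class NetworkLevelLogger:
    """Records every datagram seen on the socket, parsable or not, the way a
    log kept at the network end does."""

    def __init__(self):
        self.records = []

    def observe(self, direction, peer, data):
        try:
            query, status = parse_query(data), "ok"
        except ValueError as err:
            query, status = None, "unparsable: %s" % err
        self.records.append({"dir": direction, "peer": peer, "len": len(data),
                             "status": status, "query": query})
        return status

    def seen_by_dns_program(self):
        """Only the well-formed packets ever reach the resolver's own log."""
        return [r for r in self.records if r["status"] == "ok"]


if __name__ == "__main__":
    # Constructed traffic: one real query, one two-byte health probe from an
    # L4 device (assumed shape), one query cut short in transit.
    log = NetworkLevelLogger()
    log.observe("in", "192.0.2.10", build_query("www.naver.com"))
    log.observe("in", "10.0.0.5", b"\x00\x00")
    log.observe("in", "192.0.2.11", build_query("www.naver.com")[:20])
    for r in log.records:
        print(r["peer"], r["len"], r["status"])
    print(len(log.seen_by_dns_program()), "of", len(log.records), "reached the DNS program")
```

The parser deliberately raises on the same conditions a resolver would drop silently, so the gap between `records` and `seen_by_dns_program()` is exactly the traffic an application-level log would never show: probes, malformed packets, and truncated datagrams that are often the first sign of a flood or a misbehaving load balancer.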
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments.
In addition, although specific terms are used herein, they are used for the purpose of describing the present invention only and are not used to limit the scope of the present invention described in the claims or the claims. Therefore, the scope of the present invention should not be limited to the above-described embodiments, but should be determined by the equivalents of the claims of the present invention as well as the claims of the following.
10: Client device
20: Local DNS server
30: Root DNS server
40: TLD DNS server
50: Authoritative DNS server
Claims (12)
A log storage DB for recording a log on the query inputted to the receiver;
A cache memory for storing query and response information including TTL (Time to Live) information as cache data;
A processing unit for determining whether the cache data exists and whether the TTL is valid for the query transmitted through the receiving unit and processing a response; And
And a query unit for updating the cache data via a query and response to an external DNS server layer and processing a response to the client device,
Wherein the processing unit processes a response with the cache data when the TTL is valid and processes a priority response with the cache data when the TTL is invalid,
Wherein the processing unit is configured to forward only some data of the identified query to a temporary DNS server according to a predetermined criterion when a failure occurs,
Wherein the temporary DNS server performs a role of a database to store all the logs of the local DNS server and cache memory, and only stores some domain names when a failure occurs.
Wherein the processing unit, when the TTL is not valid, processes the priority response, then transmits the query to the external DNS server layer through the inquiry unit, receives response information for the query, and updates the cache data.
And interworking with the temporary DNS server to back up and store the log and the cache data.
Wherein the log storage DB further stores response information to be transmitted to the client device, query information to be sent to the external DNS server layer, and query information to be imported from the external DNS server layer.
Further comprising a log storage program,
And further stores, at the network end through the log storage program, packets of response information sent to the client device, query information sent to the external DNS server layer, and query information received from the external DNS server layer.
Receiving a query from a client device;
Recording a log for the query;
Storing query and response information including TTL (Time to Live) information as cache data; And
Determining whether the cache data exists and whether the TTL is valid for the query, and processing a response;
Wherein the processing comprises: processing a response with the cache data if the TTL is valid; and processing a priority response with the cache data if the TTL is not valid;
Wherein the processing step comprises the step of setting only the partial data of the query identified according to a predetermined criterion in case of a failure to be forwarded to the temporary DNS server for storage,
Wherein the temporary DNS server performs a role of a database to store all logs of the local DNS server and cache memory, and stores only some domain names when a failure occurs.
Wherein the processing step comprises, when the TTL is not valid, processing the priority response, sending the query to an external DNS server layer, and receiving the response information for the query to update the cache data.
And backing up the log and the cache data to the temporary DNS server in association with the temporary DNS server, and storing the log.
Wherein the step of recording the log further stores response information sent to the client device, query information sent to the external DNS server layer, and query information received from the external DNS server layer.
Wherein the step of recording the log further stores, at the network end, packets of response information sent to the client device, query information sent to the external DNS server layer, and query information received from the external DNS server layer.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150063407A KR101645222B1 (en) | 2015-05-06 | 2015-05-06 | Advanced domain name system and management method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150063407A KR101645222B1 (en) | 2015-05-06 | 2015-05-06 | Advanced domain name system and management method |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101645222B1 true KR101645222B1 (en) | 2016-08-12 |
Family
ID=56714988
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150063407A KR101645222B1 (en) | 2015-05-06 | 2015-05-06 | Advanced domain name system and management method |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101645222B1 (en) |
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004504681A (en) * | 2000-07-17 | 2004-02-12 | エプリケーション ネットワークス リミテッド | Caching static and dynamic content on cache-distributed networks saves WWW site bit rates and improves QoS |
KR20010090090A (en) * | 2001-09-13 | 2001-10-18 | 김태준 | A system and method to reduce the domain name resolving time with domain proxy server |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114124893A (en) * | 2021-11-24 | 2022-03-01 | 广州方硅信息技术有限公司 | Domain name caching method, device, system, storage medium and computer equipment |
CN114338604A (en) * | 2021-12-31 | 2022-04-12 | 北京奇艺世纪科技有限公司 | DNS configuration updating method and system |
CN114338604B (en) * | 2021-12-31 | 2024-04-12 | 北京奇艺世纪科技有限公司 | DNS configuration updating method and system |
Timeline
2015-05-06 | KR | Application KR1020150063407A filed; granted as KR101645222B1 (active, IP Right Grant) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |