WO2019237288A1 - Procédé et appareil de résolution de nom de domaine, et support d'informations lisible par ordinateur - Google Patents

Procédé et appareil de résolution de nom de domaine, et support d'informations lisible par ordinateur Download PDF

Info

Publication number
WO2019237288A1
WO2019237288A1 PCT/CN2018/091129 CN2018091129W WO2019237288A1 WO 2019237288 A1 WO2019237288 A1 WO 2019237288A1 CN 2018091129 W CN2018091129 W CN 2018091129W WO 2019237288 A1 WO2019237288 A1 WO 2019237288A1
Authority
WO
WIPO (PCT)
Prior art keywords
domain name
target
local dns
virtual local
name resolution
Prior art date
Application number
PCT/CN2018/091129
Other languages
English (en)
Chinese (zh)
Inventor
朱磊
Original Assignee
深圳前海达闼云端智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海达闼云端智能科技有限公司 filed Critical 深圳前海达闼云端智能科技有限公司
Priority to CN201880001126.7A priority Critical patent/CN108886540B/zh
Priority to PCT/CN2018/091129 priority patent/WO2019237288A1/fr
Publication of WO2019237288A1 publication Critical patent/WO2019237288A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks

Definitions

  • the present disclosure relates to the field of computers, and in particular, to a domain name resolution method, device, and computer-readable storage medium.
  • each tenant is a set of users, and each user accesses the VPN network using a VPN client.
  • the VP N gateway supports multi-tenant isolation.
  • the VPN gateway includes a virtual local DNS server dedicated to each tenant supported by the VPN gateway.
  • the VPN gateway configures a unique address in the VPN network for the virtual local DNS server dedicated to each tenant supported by the VPN gateway. Tenant isolation.
  • VPN gateway is required to configure a unique address in the VPN network for its dedicated virtual local DNS server for each tenant, as the number of tenants supported by a single VPN gateway increases and the number of VPN gateways in the VPN network increases, The configuration process is becoming more complex.
  • An object of the present disclosure is to provide a domain name resolution method, device, and computer-readable storage medium to simplify the configuration process of a VPN gateway.
  • a first aspect of an embodiment of the present disclosure provides a method for analyzing a domain name, which is applied to a virtual private network VPN gateway, where the VPN gateway includes a virtual local DNS server shared by multiple tenants, and the virtual local DNS
  • the server includes a load balancer and a plurality of virtual local DNS sub-servers, and each virtual local DNS sub-server provides a local DNS service for a VPN client in a tenant; the method includes:
  • the load balancer pushes the address of the virtual local DNS server to the target V PN client;
  • the load balancer monitors a domain name resolution request sent by the target VPN client to the virtual local DNS server, and the domain name resolution request includes an internal network IP address of the target VPN client;
  • the load balancer according to the intranet IP address segment to which the intranet IP address of the target VPN client belongs, Determining a target tenant to which the target VPN client belongs;
  • the load balancer forwards the domain name resolution request to a target virtual local DNS sub-server that provides local DNS services for the target tenant;
  • the target virtual local DNS sub-server performs domain name resolution on the domain name resolution request.
  • a second aspect of the embodiments of the present disclosure provides a domain name resolution device applied to a virtual private network VPN gateway.
  • the VPN gateway includes a virtual local DNS server shared by multiple tenants, and the virtual local DNS server includes a load balancer. And multiple virtual local DNS sub-servers, each virtual local DNS sub-server providing local DNS services for VPN clients in a tenant; the device includes:
  • a pushing module configured to push the address of the virtual local DNS server to the target VPN client through the load balancer after detecting that the target VPN client accesses the VPN gateway;
  • a monitoring module configured to monitor, by the load balancer, a domain name resolution request sent by the target VPN client to the virtual local DNS server, where the domain name resolution request includes an internal network IP address of the target VPN client ;
  • a determining module configured to determine, by the load balancer, a target tenant to which the target VPN client belongs according to an internal network IP address segment to which the internal network IP address of the target VPN client belongs;
  • a first forwarding module configured to forward, by the load balancer, the domain name resolution request to a target virtual local DNS subserver that provides a local DNS service for the target tenant;
  • a resolution module configured to perform domain name resolution on the domain name resolution request by the target virtual local DNS sub-server.
  • a third aspect of the embodiments of the present disclosure provides a domain name resolution generating device, including:
  • At least one processor unit a communication interface, a memory, and a communication bus; the at least one processor unit, the communication interface, and the memory complete communication with each other through the communication bus;
  • the memory is configured to store program code
  • the at least one processor unit is configured to run the program code to implement the method described in the first aspect.
  • a fourth aspect of the embodiments of the present disclosure provides a computer-readable storage medium, where the computer-readable storage medium is used to store a computer program, and the computer program includes instructions for executing the method described in the first aspect.
  • the domain name resolution method provided by the embodiment of the present disclosure has at least the following technical effects:
  • the VPN gateway pushes the address of the same virtual local DNS server for VPN clients in multiple tenants supported by the VPN gateway, the configuration complexity is low, and VPN clients in multiple tenants supported by the VPN gateway The client only needs to expose the address of a virtual local DNS server, which has higher confidentiality and security;
  • FIG. 1 is a schematic diagram of a domain name resolution method in the related art.
  • FIG. 2 is a schematic diagram of a domain name resolution method according to an embodiment of the present disclosure.
  • FIG. 3 is a flowchart of a domain name resolution method according to an embodiment of the present disclosure.
  • FIG. 4 is a schematic diagram of a connection relationship between gateways in an embodiment of the present disclosure.
  • FIG. 5 is a schematic diagram of a domain name resolution apparatus according to an embodiment of the present disclosure.
  • FIG. 6 is a structural diagram of a domain name resolution device according to an embodiment of the present disclosure.
  • a VPN gateway in the related art includes multiple virtual local DNS servers of respective tenants.
  • FIG. 1 is a schematic diagram of a domain name resolution method in the related art.
  • the VPN gateway includes a virtual local DNS server of tenant one and a virtual local DNS server of tenant two as an example.
  • the address configured by the VPN gateway for the virtual local DNS server for tenant one is 172.1.1.1
  • the address configured by the VPN gateway for the virtual local DNS server for tenant two is 172.2.1.1.
  • the VPN client in the first tenant and the VPN client in the second tenant respectively access the VPN gateway and establish a VPN tunnel with the VPN gateway.
  • the VPN gateway pushes its virtual local DNS server to the VPN client in tenant one.
  • Address 172.1.1.1 the VPN gateway pushes the address 172.2.1.1 of its virtual local DNS server to the VPN client in tenant two.
  • the VPN client in tenant one and the VPN client in tenant two respectively send to their respective virtual local DNS The server sends a domain name resolution request.
  • the respective virtual local DNS servers of tenant one and tenant two respectively perform domain name resolution on the domain name resolution requests received by them.
  • the VPN gateway includes multiple A virtual local DNS server shared by each tenant.
  • the virtual local DNS server includes a load balancer and multiple virtual local DNS sub-servers.
  • Each virtual local DNS sub-server provides local DNS services for VPN clients in a tenant.
  • FIG. 2 is a schematic diagram of a domain name resolution method according to an embodiment of the present disclosure.
  • the V PN gateway includes a virtual local DNS server.
  • the virtual local DNS server includes a virtual local DNS subserver of tenant one and a virtual local DNS subserver of tenant two.
  • the virtual local DNS subserver of tenant one is tenant one.
  • the VPN client in the local provides a local DNS service
  • the virtual local DNS subserver of the second tenant provides the local DNS service for the VPN client in the second tenant.
  • FIG. 3 is a flowchart of a domain name resolution method provided by an embodiment of the present disclosure. As shown in Figure 3, the method includes the following steps:
  • Step S11 after detecting that the target VPN client accesses the VPN gateway, the load balancer pushes the address of the virtual local DNS server to the target VPN client;
  • Step S12 the load balancer monitors a domain name resolution request sent by the target VPN client to the virtual local DNS server, where the domain name resolution request includes an internal network IP address of the target VPN client;
  • Step S13 the load balancer determines a target tenant to which the target VPN client belongs according to the IP address segment of the internal network to which the internal network IP address of the target VPN client belongs;
  • Step S14 the load balancer forwards the domain name resolution request to a target virtual local DNS sub-server that provides a local DNS service for the target tenant;
  • Step S15 the target virtual local DNS sub-server performs domain name resolution on the domain name resolution request
  • the VPN gateway includes only one virtual local DNS server, and multiple tenants supported by the VPN gateway share the virtual local DNS server.
  • the load balancer in the virtual local DNS server is configured for the virtual local DNS server.
  • An intranet IP address for example: 10.10.10.10
  • the load balancer pushes the same address to the VPN clients in different tenants, and this address is the virtual local DNS server in the VPN gateway. Address, for example: 10.10.10.10.
  • the VPN client in the tenant one and the VPN client in the tenant two respectively access the V PN gateway and establish a VPN tunnel with the VPN gateway. Then, the load balancer pushes the virtual local DNS server address 10.10.10.10 to the VPN client in tenant one, and the load balancer pushes the virtual local DNS server address 10.10.10.10 to the VPN client in tenant two.
  • the VPN clients of different tenants send domain name resolution requests to the virtual local DNS server in the VPN gateway.
  • the load balancer monitors whether there is a domain name resolution request sent by the VPN client belonging to a certain tenant to the virtual local DNS server.
  • the resolution request is based on which intranet IP address the domain name resolution request originates from, determines the intranet IP address segment to which the intranet IP address belongs, and further determines which tenant VPN client in the tenant sends the domain name resolution request.
  • the internal network IP address segments of different tenants supported by the same VPN gateway are pre-allocated and are not duplicated, and the internal network IP address segments of the same tenant allocated at different VPN gateways are pre-allocated. It is not repeated.
  • a tenant can be identified by the unique intranet IP address segment in the VPN network, and the load balancer can identify the tenant by the intranet IP address segment, and then forward the domain name resolution request to the corresponding virtual local DNS subserver. To achieve multi-tenant isolation.
  • the virtual local DNS subserver is supported by all domain name resolution types.
  • the tenant can customize the domain name resolution result of the CNAME type domain name resolution request.
  • the domain name The result is an IPv4 address.
  • This article uses the A record type as an example. It is only for illustration and does not limit the type of domain name resolution.
  • the VPN gateway is connected to the controller, and the controller delivers the correspondence between the intranet IP address segment and the tenant to the load balancer.
  • the VPN client in the first tenant sends a first domain name resolution request (A record type, requesting to resolve the IP address corresponding to the domain name www.xinhua.net) to the virtual local DNS server.
  • a record type requesting to resolve the IP address corresponding to the domain name www.xinhua.net
  • the load balancer listens to these two domain name resolution requests. Because the domain name resolution request includes the internal network IP address of the VPN client that sent the domain name resolution request, the load balancer According to the internal network IP addresses in the two domain name resolution requests monitored, and combined with the corresponding relationship between the internal network IP address segment and the tenant, determine which tenant the VPN client that sent the two domain name resolution requests belongs to, assuming load balancing The server determines that the first domain name resolution request originates from the VPN client in tenant one, and then sends the first domain name resolution request to the virtual local DNS subserver of tenant one, assuming that the load balancer determines that the second domain name resolution request originates from tenant two And the VPN client in the server sends the second domain name resolution request to the virtual local DNS subserver of the second tenant.
  • the virtual local DNS sub-server performs domain name resolution on the received domain name resolution request. As shown in FIG. 2, the virtual local DNS subserver of tenant one performs domain name resolution on the first domain name resolution request, and the virtual local DNS server of tenant two performs domain name resolution on the second domain name resolution request.
  • the domain name resolution method provided by the embodiment of the present disclosure has at least the following technical effects:
  • the VPN gateway pushes the address of the same virtual local DNS server for VPN clients in multiple tenants supported by the VPN gateway, the configuration complexity is low, and the VPN clients in multiple tenants supported by it The client only needs to expose the address of a virtual local DNS server, which has higher confidentiality and security;
  • the VPN gateway only needs to maintain one virtual local DNS server, and the maintenance cost is low.
  • the method further includes:
  • the load balancer sets the address of the virtual local DNS server to an anycast-based intranet IP address, and the anycast-based intranet address is an address of a virtual local DNS server in another VPN gateway ;
  • the load balancer When the load balancer detects a failure of the virtual local DNS server, the load balancer forwards the domain name resolution request to the virtual local DNS server in the other VPN gateway.
  • the VPN gateway pushes the address of the same virtual local DNS server to all tenants, and the address of the virtual local DNS server is an intranet IP address based on anycast and is in other V PN gateways.
  • the address of the virtual local DNS server is the same.
  • the load balancer in the VPN gateway can receive the Domain name solution
  • the analysis request is forwarded to the virtual local DNS server in other VPN gateways, so as to realize automatic switching and high availability of D NS, which enhances the robustness of the domain name resolution method provided by the embodiment of the present disclosure.
  • FIG. 4 is a schematic diagram of a connection relationship between gateways in an embodiment of the present disclosure.
  • the virtual local DNS servers in each of VPN gateway A, VPN gateway B, and VPN gateway C are 10.1 0.10.10. If the virtual local DNS server in VPN gateway A goes down, the VPN gateway A The load balancer can forward the received domain name resolution request to the virtual local DNS server in the nearest VPN gateway B.
  • a resolution policy of the target tenant is stored in a virtual local DNS sub-server that provides local DNS services for the target tenant, and a virtual local DNS sub-server that provides local DNS services for different tenants Storage has different parsing strategies;
  • step S15 includes:
  • the target virtual local DNS subserver performs domain name resolution on the domain name resolution request in accordance with the target tenant's resolution policy.
  • different resolution policies are stored in different virtual local DNS sub-servers, and each tenant can set a resolution policy according to its own network access requirements.
  • the VPN gateway is connected to the controller, and the controller delivers to each virtual local DNS subserver the resolution policy that the virtual local DNS subserver needs to use in the process of domain name resolution. Since different tenants can set different resolution policies, the resolution policies stored in different virtual local DNS subservers are different. After receiving the domain name resolution request forwarded by the load balancer, each virtual local DNS sub-server performs domain name resolution according to the resolution policy stored in the virtual local DNS sub-server. Even if different tenants request to resolve the same domain name, they are isolated from each other, and different virtual local DNS subservers give different resolution results.
  • the target tenant's resolution policy is to allow only the target VPN client to access a limited number of intranet domain names; the target virtual local DNS sub-server follows the target tenant's resolution policy And performing domain name resolution on the domain name resolution request includes:
  • the domain name in the domain name resolution request matches the domain name registered on the target virtual local DNS subserver, forward the domain name resolution request to an internal network authority DNS server, and receive the internal network authority The domain name resolution result returned by the DNS server.
  • the virtual local DN S sub-server that provides a local DNS server for the tenant can be used.
  • Multiple domain names are registered in advance.
  • the multiple domain names that are registered in advance may be internal domain names or external domain names. Regardless of whether the internal domain names or external domain names are registered in advance, they correspond to the IP addresses of the internal network DNS.
  • the correspondence relationship between the pre-registered domain name and the IP address of the intranet DNS is stored on the virtual local DNS subserver.
  • the domain name in the domain name resolution request is first compared with the domain name registered on the virtual local DNS subserver to determine whether the two match. If the two match, the domain name resolution request is forwarded to the intranet authoritative DNS server, and the intranet authoritative DNS server performs domain name resolution on the domain name resolution request, and returns the domain name resolution result to the virtual local DNS subserver.
  • the virtual local DNS sub-server since the virtual local DNS sub-server has a cache function, if the result is not parsed locally, the request will be forwarded to the next higher level and cached locally after the result is obtained. Previously, the results were returned directly to the client by the virtual local DNS subserver, and the efficiency of domain name resolution was improved through such cache settings.
  • the target tenant's resolution policy is to allow the target VPN client to access all intranet domain names;
  • the target virtual local DNS sub-server is configured to:
  • the domain name resolution request for domain name resolution includes:
  • [0071] forward the domain name resolution request to an internal network authoritative DNS server by default, and receive the domain name resolution result returned by the internal network authoritative DNS server.
  • the domain name resolution request can be forwarded to the intranet authoritative DNS server by default, and the intranet The authoritative DNS server performs domain name resolution, and then receives the domain name resolution result returned by the intranet authoritative DNS server.
  • the target tenant's resolution policy is to allow the target VPN client to access at least one external domain name; the target virtual local DNS subserver follows the target tenant's resolution policy, Performing domain name resolution on the domain name resolution request includes:
  • [0074] forward the domain name resolution request to an external public DNS server, and receive a domain name resolution result returned by the external public DNS server.
  • the domain name resolution request can be forwarded to the public DNS server by default, the domain name resolution is performed by the public DNS server, and then the domain name resolution result returned by the public DNS server is received.
  • the virtual local DNS subserver can control the number of domain names and domain name ranges that can be accessed by the VPN client, thereby improving the controllability and security of domain name resolution.
  • An embodiment of the present disclosure further provides a domain name resolution device, which is applied to a virtual private network VPN gateway.
  • the VPN gateway includes a virtual local DNS server shared by multiple tenants.
  • the virtual local DNS server includes a load balancer and a multi-tenant.
  • Virtual local DNS sub-servers, each virtual local DNS sub-server provides local DNS services for VPN clients in a tenant.
  • the domain name resolution apparatus 400 provided in the embodiment of the present disclosure includes:
  • a pushing module 401 configured to push the address of the virtual local DNS server to the target VPN client through the load balancer after detecting that the target VPN client accesses the VPN gateway;
  • a monitoring module 402 configured to monitor, by the load balancer, a domain name resolution request sent by the target VPN client to the virtual local DNS server, where the domain name resolution request includes an internal network IP of the target VPN client Address
  • a determining module 403 configured for the load balancer to determine a target tenant to which the target VPN client belongs according to an intranet IP address segment to which the target VPN client's internal network IP address belongs;
  • a first forwarding module 404 configured for the load balancer to forward the domain name resolution request to a target virtual local DNS subserver that provides a local DNS service for the target tenant;
  • a resolution module 405, configured to perform domain name resolution on the domain name resolution request by the target virtual local DNS sub-server.
  • the apparatus further includes:
  • a setting module for the load balancer to set the address of the virtual local DNS server to an anycast-based intranet IP address, and the anycast-based intranet address is a virtual one in another VPN gateway The address of the local D NS server;
  • a second forwarding module configured to detect, by the load balancer, that the virtual local DNS server sends When a failure occurs, the domain name resolution request is forwarded to the virtual local DNS server in the other VPN gateway.
  • a resolution policy of the target tenant is stored in a virtual local DNS sub-server that provides local DNS services for the target tenant, and different virtual local DNS sub-servers that provide local DNS services for different tenants are stored in different Analysis strategy
  • the analysis module includes:
  • a parsing submodule configured to perform domain name resolution on the domain name resolution request by the target virtual local DNS subserver according to the target tenant's resolution policy.
  • the resolution policy of the target tenant is to allow only the target VPN client to access a limited number of intranet domain names; the resolution submodule is configured to:
  • the resolution policy of the target tenant is to allow the target VPN client to access all internal network domain names; the resolution submodule is configured to:
  • the resolution policy of the target tenant is to allow the target VPN client to access at least one external network domain name; the resolution submodule is configured to:
  • each module of the domain name resolution device is only a logical function division, and there may be another division manner in actual implementation.
  • the physical implementation of each module may also have multiple ways, which is not limited in this disclosure.
  • An embodiment of the present disclosure further provides a domain name resolution device 100.
  • the domain name resolution device 100 include:
  • At least one processor unit such as processor unit 101 shown in FIG. 6
  • a communication interface 102 such as processor unit 101 shown in FIG. 6
  • a memory 103 such as memory 103
  • a communication bus 104 such as communication bus 104
  • the at least one processor unit, the communication interface 102, and the memory 103 communicating with each other through the communication bus 104;
  • the memory 103 is configured to store program code, and the at least one processor unit is configured to run the program code to implement the domain name resolution method shown in FIG. 1, specifically referring to the foregoing method embodiment for FIG. 1 description.
  • An embodiment of the present disclosure further provides a non-transitory computer-readable storage medium including instructions, such as the foregoing memory 103, and the foregoing instructions may be executed by a processor of the device 100 to complete a method for corresponding domain name resolution.
  • the non-transitory computer-readable storage medium may be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La présente invention concerne un procédé et un appareil de résolution de nom de domaine et un support d'informations lisible par ordinateur. Le procédé comprend : après qu'il a été détecté qu'un client de VPN cible accède à une passerelle VPN, la poussée, par un équilibreur de charge, de l'adresse d'un serveur DNS local virtuel vers le client VPN cible ; la surveillance, par l'équilibreur de charge, d'une demande de résolution de nom de domaine envoyée par le client VPN cible au serveur DNS local virtuel, la demande de résolution de nom de domaine comprenant l'adresse IP intranet du client VPN cible ; la détermination, par l'équilibreur de charge, selon un champ d'adresse IP intranet auquel l'adresse IP intranet du client VPN cible appartient, d'un locataire cible auquel le client VPN cible appartient ; l'expédition, par l'équilibreur de charge, de la demande de résolution de nom de domaine à un sous-serveur DNS local virtuel cible fournissant au locataire cible un service DNS local ; et l'exécution, par le sous-serveur DNS local virtuel cible, d'une résolution de nom de domaine pour la demande de résolution de nom de domaine.
PCT/CN2018/091129 2018-06-13 2018-06-13 Procédé et appareil de résolution de nom de domaine, et support d'informations lisible par ordinateur WO2019237288A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201880001126.7A CN108886540B (zh) 2018-06-13 2018-06-13 域名解析方法、装置及计算机可读存储介质
PCT/CN2018/091129 WO2019237288A1 (fr) 2018-06-13 2018-06-13 Procédé et appareil de résolution de nom de domaine, et support d'informations lisible par ordinateur

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/091129 WO2019237288A1 (fr) 2018-06-13 2018-06-13 Procédé et appareil de résolution de nom de domaine, et support d'informations lisible par ordinateur

Publications (1)

Publication Number Publication Date
WO2019237288A1 true WO2019237288A1 (fr) 2019-12-19

Family

ID=64325005

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/091129 WO2019237288A1 (fr) 2018-06-13 2018-06-13 Procédé et appareil de résolution de nom de domaine, et support d'informations lisible par ordinateur

Country Status (2)

Country Link
CN (1) CN108886540B (fr)
WO (1) WO2019237288A1 (fr)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111885217A (zh) * 2020-07-21 2020-11-03 深信服科技股份有限公司 一种数据通信方法、装置、设备及存储介质
CN112398694A (zh) * 2020-11-18 2021-02-23 互联网域名系统北京市工程研究中心有限公司 流量检测系统、方法及存储介质
CN112910902A (zh) * 2021-02-04 2021-06-04 浙江大华技术股份有限公司 数据解析方法、装置、电子设备、计算机可读存储介质
CN113315848A (zh) * 2020-02-27 2021-08-27 阿里巴巴集团控股有限公司 访问控制方法、装置及设备
CN113438307A (zh) * 2021-06-22 2021-09-24 北京金山安全软件有限公司 一种域名解析方法、服务器、系统及存储介质
CN114285822A (zh) * 2021-12-15 2022-04-05 中国银联股份有限公司 一种域名解析服务器切换方法及装置
CN115150358A (zh) * 2021-03-31 2022-10-04 贵州白山云科技股份有限公司 域名获取的方法、电子装置以及系统
CN115378906A (zh) * 2022-08-16 2022-11-22 北京轻网科技股份有限公司 一种基于vpn框架的本地dns代理方法、装置、设备及介质

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110674098B (zh) * 2019-09-19 2022-04-22 浪潮电子信息产业股份有限公司 一种分布式文件系统中的域名解析方法
CN114301614A (zh) * 2020-09-23 2022-04-08 中国电信股份有限公司 检测网络中的域名非法监听的方法与系统
CN113079504A (zh) * 2021-03-23 2021-07-06 广州讯鸿网络技术有限公司 5g消息dm多负载均衡器接入实现方法、装置及系统
CN115826444A (zh) * 2021-09-18 2023-03-21 上海云盾信息技术有限公司 基于dns解析的安全访问控制方法、系统、装置及设备
CN113992382B (zh) * 2021-10-22 2024-04-05 北京京东振世信息技术有限公司 业务数据处理方法、装置、电子设备及存储介质
CN114338597A (zh) * 2021-11-30 2022-04-12 奇安信科技集团股份有限公司 一种网络访问方法及装置
CN114500450B (zh) * 2021-12-22 2023-10-10 天翼云科技有限公司 一种域名解析方法、设备及计算机可读存储介质
CN114301872B (zh) * 2021-12-27 2023-12-26 奇安信科技集团股份有限公司 基于域名的访问方法及装置、电子设备、存储介质
CN114430409B (zh) * 2022-01-26 2023-08-15 网易(杭州)网络有限公司 网页访问方法、网页访问装置、存储介质及电子设备
CN114553828B (zh) * 2022-02-24 2023-01-31 中国人民解放军国防科技大学 一种dns运维管理方法、装置、设备及介质
CN115348235A (zh) * 2022-08-11 2022-11-15 中国工商银行股份有限公司 域名解析方法、装置、电子设备及存储介质
CN116033020B (zh) * 2022-12-27 2024-05-10 中国联合网络通信集团有限公司 增强物理网关算力的方法、装置、设备及存储介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012065641A1 (fr) * 2010-11-17 2012-05-24 Telefonaktiebolaget Lm Ericsson (Publ) Agencement de serveur dns et procédé associé
CN106797410A (zh) * 2016-12-23 2017-05-31 深圳前海达闼云端智能科技有限公司 域名解析方法和装置
US20170171146A1 (en) * 2015-12-14 2017-06-15 Microsoft Technology Licensing, Llc Shared Multi-Tenant Domain Name System (DNS) Server For Virtual Networks

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020103931A1 (en) * 2001-01-26 2002-08-01 Mott Charles J. Virtual private networking using domain name service proxy
CN101420762B (zh) * 2007-10-23 2011-02-23 中国移动通信集团公司 接入网关的选择方法、系统及网关选择执行节点
WO2013119516A1 (fr) * 2012-02-06 2013-08-15 Xerocole, Inc. Procédé de partage de données pour serveurs dns récursifs
CN103731516B (zh) * 2014-01-24 2017-04-05 互联网域名系统北京市工程研究中心有限公司 基于嵌套视图的dns解析方法及其系统
CN111866064B (zh) * 2016-12-29 2021-12-28 华为技术有限公司 一种负载均衡的方法、装置和系统

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012065641A1 (fr) * 2010-11-17 2012-05-24 Telefonaktiebolaget Lm Ericsson (Publ) Agencement de serveur dns et procédé associé
US20170171146A1 (en) * 2015-12-14 2017-06-15 Microsoft Technology Licensing, Llc Shared Multi-Tenant Domain Name System (DNS) Server For Virtual Networks
CN106797410A (zh) * 2016-12-23 2017-05-31 深圳前海达闼云端智能科技有限公司 域名解析方法和装置

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113315848A (zh) * 2020-02-27 2021-08-27 阿里巴巴集团控股有限公司 访问控制方法、装置及设备
CN113315848B (zh) * 2020-02-27 2023-04-21 阿里巴巴集团控股有限公司 访问控制方法、装置及设备
CN111885217B (zh) * 2020-07-21 2023-11-07 深信服科技股份有限公司 一种数据通信方法、装置、设备及存储介质
CN111885217A (zh) * 2020-07-21 2020-11-03 深信服科技股份有限公司 一种数据通信方法、装置、设备及存储介质
CN112398694A (zh) * 2020-11-18 2021-02-23 互联网域名系统北京市工程研究中心有限公司 流量检测系统、方法及存储介质
CN112398694B (zh) * 2020-11-18 2024-02-20 互联网域名系统北京市工程研究中心有限公司 流量检测系统、方法及存储介质
CN112910902A (zh) * 2021-02-04 2021-06-04 浙江大华技术股份有限公司 数据解析方法、装置、电子设备、计算机可读存储介质
CN115150358A (zh) * 2021-03-31 2022-10-04 贵州白山云科技股份有限公司 域名获取的方法、电子装置以及系统
CN115150358B (zh) * 2021-03-31 2024-02-13 贵州白山云科技股份有限公司 域名获取的方法、电子装置以及系统
CN113438307A (zh) * 2021-06-22 2021-09-24 北京金山安全软件有限公司 一种域名解析方法、服务器、系统及存储介质
CN114285822A (zh) * 2021-12-15 2022-04-05 中国银联股份有限公司 一种域名解析服务器切换方法及装置
CN115378906A (zh) * 2022-08-16 2022-11-22 北京轻网科技股份有限公司 一种基于vpn框架的本地dns代理方法、装置、设备及介质
CN115378906B (zh) * 2022-08-16 2024-02-13 北京轻网科技股份有限公司 一种基于vpn框架的本地dns代理方法、装置、设备及介质

Also Published As

Publication number Publication date
CN108886540A (zh) 2018-11-23
CN108886540B (zh) 2021-07-23

Similar Documents

Publication Publication Date Title
WO2019237288A1 (fr) Procédé et appareil de résolution de nom de domaine, et support d'informations lisible par ordinateur
US10009271B2 (en) Routing method and network transmission apparatus
US10523783B2 (en) Request routing utilizing client location information
US10911398B2 (en) Packet generation method based on server cluster and load balancer
EP0865180B1 (fr) Répartition de charge entre serveurs d'un réseau TCP/IP
EP3780552B1 (fr) Procédé de traitement de message dans un dispositif distribué, et dispositif distribué
US8458303B2 (en) Utilizing a gateway for the assignment of internet protocol addresses to client devices in a shared subset
US10263950B2 (en) Directing clients based on communication format
US20030154306A1 (en) System and method to proxy inbound connections to privately addressed hosts
US10333780B2 (en) Method, apparatus and computer program product for updating load balancer configuration data
WO2013040942A1 (fr) Système et appareil de centre de données, et procédé de fourniture de service
WO2011123812A1 (fr) Recherche inverse de dns avec associations inverses modifiées
WO2004072798A2 (fr) Procedes et systemes de fourniture d'un systeme de nom de domaine dynamique pour commande de route entrante
US11438309B2 (en) Preventing a network protocol over an encrypted channel, and applications thereof
CN109525684B (zh) 报文转发方法和装置
JP2007207231A (ja) ネットワークにおける分散サービスへのアクセス法
WO2016134624A1 (fr) Procédé, dispositif et système de routage, et procédé et dispositif de répartition de passerelle
WO2015039475A1 (fr) Procédé, serveur et système de résolution de nom de domaine
US20220182354A1 (en) Decoupling of ip address bindings and use in a distributed cloud computing network
US9697173B2 (en) DNS proxy service for multi-core platforms
KR101345372B1 (ko) 사용자 정보에 기반한, 도메인 네임 시스템 및 도메인 네임 서비스 방법
JP2010226665A (ja) 負荷分散システム、負荷分散装置、及び負荷分散方法
US20200274799A1 (en) Multi-vrf and multi-service insertion on edge gateway virtual machines
RU2690752C1 (ru) Способ, устройство, носители информации, считываемые с помощью компьютера, и система для построения соединений между клиентом и устройством-адресатом или терминалом
Dragolov et al. Anycast DNS System in AS5421

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18922404

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 18.05.2021)

122 Ep: pct application non-entry in european phase

Ref document number: 18922404

Country of ref document: EP

Kind code of ref document: A1