Secure domain name resolution in computer networks
US-2017093802-A1 · Mar 30, 2017 · US
Methods of collaborative hardware and software DNS acceleration and DDOS protection
US10530758B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10530758-B2 |
| Application number | US-201615382018-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 16, 2016 |
| Priority date | Dec 18, 2015 |
| Publication date | Jan 7, 2020 |
| Grant date | Jan 7, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments are directed towards managing name service communications. A name service device may be arranged to employ a hardware domain name service (DNS) processor to receive a name service query. The hardware DNS processor may perform operations on the name service query. If operations performed by the hardware DNS processor do not resolve the name service query, further operations may be performed. The name service device may be arranged to provide a name service reply that includes the answer to the name service query. And, the name service device may be arranged to send the name service reply back to the hardware DNS processor. Accordingly, the hardware DNS processor on the name service device may send the name service reply that includes at least an answer to the name service query to the requesting computers.
First claim
Opening claim text (preview).
What is claimed as new and desired to be protected by Letters Patent of the United States is: 1. A method for managing name service communications, executable by one or more name service devices with at least one processor executing the method, the method comprising actions to: receive, by a hardware domain name service (DNS) processor on one or more name service devices, a name service query from one or more requesting computers; perform, by the hardware DNS processor on the one or more name service devices, one or more operations on the name service query; when, the name service query is unresolved by the one or more operations performed by the hardware DNS processor on the one or more name service devices, perform, by a second processor on the one or more name service devices, further operations, including: provide, by the second processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query; and send, by a third processor on the one or more name service devices, the name service reply to the hardware DNS processor on the one or more name service devices, wherein the second and third processors are implemented as software processors to increase an amount of operations over time that are performed by the one or more name service devices; and send, by the hardware DNS processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query to the one or more requesting computers; perform, by the hardware DNS processor on the one or more name service devices, operations to provide an index value for a software DNS processor lookup table; perform, by the hardware DNS processor on the one or more name service devices, operations to provide a program that is associated with the software DNS processor; and perform, by the hardware DNS processor on the one or more name service devices, operations based on instructions included in the program; perform, by the third processor on the one or more name service devices, operations to compare fingerprint information that is based on the at least name service reply with other finger information that is associated with the name service query; when the comparison provides an affirmative result, perform, by a fourth processor on the one or more name service devices, operations to authenticate the name service reply, wherein the fourth processor is implemented as a software processor; and when the name service query is unresolved by the operation performed by the second processor on the one or more name service devices, perform, by a fourth processor on the one or more name service devices, the further operations, including: perform, by the fourth processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service query; perform, by the fourth processor on the one or more name service devices, operations to modify the name service query to include the fingerprint information; and send, by the fourth processor on the one or more name service devices, the modified name service query to an external name service server, wherein the fourth processor is implemented as a software processor. 2. The method set forth in claim 1 , wherein one or more of the hardware DNS processor, the second processor, or the third processor are on the same name service device. 3. The method set forth in claim 1 , further comprising: receive, by the hardware DNS processor on the one or more name service devices, the name service reply from one or more external name service servers; and perform, by the second processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service reply. 4. The method set forth in claim 1 , further comprises: perform, by the hardware DNS processor on the one or more name service devices, operations to provide a memory address to a program in a memory of an associated processor; and perform, by the hardware DNS processor on the one or more name service devices, direct memory access to access one or more instructions of the program. 5. The method set forth in claim 1 , further comprises, when one or more conditions are met, perform, by a software DNS processor on the one or more name service devices, operations to provide a new program to the hardware DNS processor. 6. One or more name service computing devices comprising: memory comprising programmed instructions stored in the memory; one or more hardware DNS processors; and one or more processors configured to be capable of executing the programmed instructions stored in the memory to: receive a name service query from one or more requesting computers; perform, by the one or more hardware DNS processors, one or more operations on the name service query; when, the name service query is unresolved by the one or more operations performed by the one or more hardware DNS processors, perform, by the one or more processors, further operations, including: providing a name service reply that includes at least an answer to the name service query; and sending the name service reply to the one or more hardware DNS processors on the one or more name service computing devices, wherein second, third, and fourth processors are implemented as software processors to increase an amount of operations over time that are performed by the one or more name service computing devices; and send, by the software processors, a name service reply that includes at least an answer to the name service query to the one or more requesting computers; perform, by the hardware DNS processor on the one or more name service devices, operations to provide an index value for a software DNS processor lookup table; perform, by the hardware DNS processor on the one or more name service devices, operations to provide a program that is associated with the software DNS processor; and perform, by the hardware DNS processor on the one or more name service devices, operations based on instructions included in the program; perform, by the third processor on the one or more name service devices, operations to compare fingerprint information that is based on the at least name service reply with other finger information that is associated with the name service query; when the comparison provides an affirmative result, perform, by a fourth processor on the one or more name service devices, operations to authenticate the name service reply, wherein the fourth processor is implemented as a software processor; and when the name service query is unresolved by the operation performed by the second processor on the one or more name service devices, perform, by a fourth processor on the one or more name service devices, the further operations, including: perform, by the fourth processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service query; perform, by the fourth processor on the one or more name service devices, operations to modify the name service query to include the fingerprint information; and send, by the fourth processor on the one or more name service devices, the modified name service query to an external name service server. 7. The one or more name service computing devices set forth in claim 6 , wherein one or more of the one or more hardware DNS processors, or the one or more processors are on the same name service computing device. 8. The one or more name service computing devices set forth in claim 6 , further comprising: receive, by the one or more hardware DNS processors, the name service reply from one or more external name
Assignees
Inventors
Classifications
for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS] · CPC title
Denial of Service · CPC title
for controlling access to devices or network resources · CPC title
Indexing; Web crawling techniques · CPC title
- H04L63/08Primary
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10530758B2 cover?
- Embodiments are directed towards managing name service communications. A name service device may be arranged to employ a hardware domain name service (DNS) processor to receive a name service query. The hardware DNS processor may perform operations on the name service query. If operations performed by the hardware DNS processor do not resolve the name service query, further operations may be pe…
- Who is the assignee on this patent?
- F5 Networks Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jan 07 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 9 related publications on this page (citations in our corpus or others sharing the same primary CPC).