System and method for tracking domain names for the purposes of network management

The invention claimed is: 1. A non-transitory computer-readable media (CRM) comprising computer programming instructions which, when executed by a processor, cause the processor to perform steps comprising: intercepting a first data packet being transmitted from a domain name system (DNS) server to a first client device, the first data packet being a DNS response; extracting a first internet protocol (IP) address and a first hostname from the first data packet; storing the first IP address and the first hostname as a hostname/IP address pair in a first entry of an identification table; intercepting a second data packet being transmitted in a data flow from a content server to a second client device; identifying a second IP address in a header of the second data packet; determining whether the second IP address is in the first entry; and in response to determining that the second IP address is in the first entry: determining, using the first entry, a first characteristic associated with the data flow, the first characteristic including an amount of transferred bytes associated with the hostname/IP address pair; determining, based on the first characteristic, whether a traffic management policy should be applied to the data flow; in response to determining that the data traffic management policy should be applied, applying the traffic management policy to the data flow to deliver the second data packet to the second client device; determining a second characteristic of the second data packet; and updating the first entry of the identification table with the second characteristic. 2. The CRM of claim 1 , wherein the second characteristic is an amount of bytes in the second data packet, a timestamp of the second data packet, or a combination thereof. 3. The CRM of claim 2 , wherein the steps further comprise: pruning the first entry from the identification table based on the second characteristic when the identification table exceeds a predetermined size. 4. The CRM of claim 1 , wherein applying the traffic management policy to the data flow includes causing the data flow to be transferred to the second client device over surplus network capacity of a network. 5. The CRM of claim 1 , wherein applying the traffic management policy to the data flow includes throttling the data flow. 6. The CRM of claim 1 , wherein applying the traffic management policy to the data flow includes temporarily storing data packets of the data flow. 7. The CRM of claim 1 , wherein applying the traffic management policy to the data flow includes rerouting the data flow. 8. The CRM of claim 1 , wherein a payload of the second data is encrypted, and wherein the IP address in the header of the second data packet is identified without performing decryption. 9. The CRM of claim 1 , wherein extracting the IP address and the hostname from the first data packet includes reading the IP address and the hostname from resource records (RRs) in the DNS response. 10. The CRM of claim 9 , wherein reading the IP address and the hostname from RRs in the DNS response includes reading the IP address in an ‘RDATA’ field of the DNS response and reading the hostname in a ‘NAME’ field of the DNS response. 11. The CRM of claim 1 , wherein the identification table is a hash table. 12. The CRM of claim 1 , wherein determining, based on the first characteristic associated with the data flow, whether the traffic management policy should be applied to the data flow includes determining that the traffic management policy should be applied by determining that the data flow is an elephant flow. 13. The CRM of claim 1 , wherein determining, based on the first characteristic associated with the data flow, whether the traffic management policy should be applied to the data flow includes determining that the traffic management policy should be applied by determining that a network transporting the data flow is congested. 14. The CRM of claim 1 , wherein determining, based on the first characteristic associated with the data flow, whether the traffic management policy should be applied to the data flow includes determining that the traffic management policy should be applied by determining that the data flow would be burdensome to the network transporting the data flow. 15. The CRM of claim 1 , wherein determining, based on the first characteristic associated with the data flow, whether the traffic management policy should be applied to the data flow includes determining that the traffic management policy should be applied by determining that the data flow is less important than other data being transported by the network transporting the data flow. 16. A non-transitory computer-readable media (CRM) comprising computer programming instructions which, when executed by one or more processors of a system, cause the system to perform steps comprising: extracting a plurality of mappings, each mapping including a respective internet protocol (IP) address and a respective hostname, from a plurality of first data packets, respectively, each of the first data packets being a DNS response; and storing the plurality of mappings as respective hostname/IP address pairs in a plurality of entries of an identification table, the identification table being indexed by the respective IP addresses of the mappings; and extracting a second IP address from a header of a non-DNS packet of a data flow; determining an amount of transferred bytes corresponding to a second hostname/IP address pair that includes the second IP address using an entry of the plurality of entries of the identification table, the entry including the second hostname/IP address pair; and determining whether to apply a traffic management policy to the data flow based on the amount of transferred bytes; and in response to determining that the data traffic management policy should be applied, applying the traffic management policy to the data flow to deliver the second data packet to the second client device; determining a characteristic of the non-DNS data packet; and updating the entry of the identification table with the characteristic. 17. The CRM of claim 16 , wherein determining whether to apply a traffic management policy to the data flow based on the amount of transferred bytes includes determining to apply the traffic management policy to the data flow when the amount of transferred bytes is greater than a threshold. 18. The CRM of claim 16 , wherein applying the traffic management policy includes causing the data flow to be transferred to the second client device over surplus network capacity of a network, by throttling the data flow, by temporarily storing data packets of the data flow, by rerouting the data flow, or a combination thereof.