What technology area does this patent fall under?

Primary CPC classification H04L61/4511. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Aug 26 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Multiple data center compatible deployment of applications matching a wildcard domain name

US12401616B2 · US · B2

Patent metadata
Field	Value
Publication number	US-12401616-B2
Application number	US-202318533522-A
Country	US
Kind code	B2
Filing date	Dec 8, 2023
Priority date	Dec 8, 2023
Publication date	Aug 26, 2025
Grant date	Aug 26, 2025

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A network controller communicates a wildcard domain name defined by a tenant and IP addresses of data centers for which a tenant has configured that wildcard to network elements of a network fabric through which the data centers are accessible. Each network element creates a rule to forward DNS requests with FQDNs that match the wildcard to each data center IP address. When a network element receives a DNS request indicating a FQDN that matches the wildcard, the network element forwards the DNS request to each data center IP address. Each data center element associated with one of the IP addresses receives the DNS request and determines if the FQDN can be resolved to an IP address in that data center. Data center elements for which domain name resolution is successful notify the network controller, which onboards the resource corresponding to the FQDN in that data center.

First claim

Opening claim text (preview).

The invention claimed is: 1. A method comprising, detecting configuration of a forwarding rule that indicates a first domain name and a plurality of data centers of a tenant, wherein the first domain name comprises a wildcard character; configuring reachability of applications of the tenant having domain names that match to the first domain name and that are deployed across the plurality of data centers of the tenant, wherein configuring reachability of the applications of the tenant having domain names that match to the first domain name comprises, communicating, to each of a plurality of network elements, a configuration of the forwarding rule that indicates the first domain name and the plurality of data centers; and configuring the plurality of network elements to forward domain name system (DNS) requests matching to the first domain name to each of the plurality of data centers. 2. The method of claim 1 , wherein configuring the plurality of network elements to forward DNS requests matching to the first domain name to each of the plurality of data centers comprises configuring a plurality of forwarding rules to forward DNS requests that match to the first domain name from each of the plurality of network elements to corresponding ones of a plurality of IP addresses, wherein each of the plurality of IP addresses is associated with a corresponding one of the plurality of data centers. 3. The method of claim 2 , wherein configuring the plurality of forwarding rules to forward DNS requests from the plurality of network elements to corresponding ones of the plurality of IP addresses comprises configuring forwarding of DNS requests matching to the first domain name to respective ones of a plurality of application connectors, wherein each of the plurality of application connectors has been deployed to a respective one of the plurality of data centers and has been assigned one of the plurality of IP addresses. 4. The method of claim 3 , wherein the plurality of IP addresses comprise anycast IP addresses, and wherein subsets of the plurality of application connectors that are within a same one of the plurality of data centers have been assigned a same one of the anycast IP addresses. 5. The method of claim 1 further comprising, based on forwarding of a first DNS request comprising a first fully qualified domain name (FQDN) that matches to the first domain name to each of the plurality of data centers, determining that the first FQDN was resolved in a first data center of the plurality of data centers; and indicating that an application associated with the first FQDN is located in the first data center. 6. The method of claim 5 further comprising, based on forwarding of a second DNS request comprising the first FQDN that matches to the first domain name to each of the plurality of data centers, determining that the first FQDN was also resolved in a second data center of the plurality of data centers, wherein the first and second data centers are different; and indicating that the application associated with the first FQDN is also located in the second data center. 7. The method of claim 5 further comprising, based on forwarding of a third DNS request comprising a second FQDN that matches to the first domain name to each of the plurality of data centers, determining that the second FQDN was resolved in a third data center of the plurality of data centers, wherein the first and second FQDNs are different, wherein the first and third data centers are different; and indicating that an application associated with the second FQDN is located in the third data center. 8. The method of claim 5 , wherein indicating that the application associated with the first FQDN is located in the first data center comprises configuring forwarding of DNS requests that indicate the first FQDN to the first data center. 9. The method of claim 8 further comprising, allocating a virtual IP address to the first FQDN; and configuring a DNS entry that resolves the first FQDN to the virtual IP address, wherein configuring forwarding of DNS requests that indicate the first FQDN to the first data center comprises configuring forwarding of DNS requests that resolve to the virtual IP address and indicate a protocol and port used by the application associated with first FQDN to the first data center. 10. One or more non-transitory machine-readable media having program code stored thereon, the program code comprising instructions to: detect configuration of a forwarding rule that indicates a first domain name and a plurality of data centers of a tenant, wherein the first domain name comprises a wildcard character, wherein resources of the tenant having fully qualified domain names (FQDNs) that match to the first domain name are hosted in respective ones of the plurality of data centers; communicate, to each of a plurality of network elements of a network fabric that route network traffic to the plurality of data centers, an indication of the first domain name and network addresses associated with the plurality of data centers; and configure forwarding of domain name system (DNS) requests indicating FQDNs that match to the first domain name from each of the plurality of network elements to each of the plurality of data centers. 11. The non-transitory machine-readable media of claim 10 , wherein the instructions to configure forwarding of DNS requests indicating FQDNs that match to the first domain name from each of the plurality of network elements to each of the plurality of data centers comprise instructions to, for each of the plurality of network elements, configure a plurality of forwarding rules, wherein each of the plurality of forwarding rules indicates a corresponding one of the network addresses that is associated with one of the plurality of data centers. 12. The non-transitory machine-readable media of claim 11 , wherein each of the network addresses is an Internet Protocol (IP) address of an application connector instantiated in one of the plurality of data centers, wherein each of the plurality of forwarding rules is to forward DNS requests indicating FQDNs that match to the first domain name to an IP address of an application connector instantiated in a respective one of the plurality of data centers. 13. The non-transitory machine-readable media of claim 10 , wherein the program code further comprises instructions to: based on forwarding of a first DNS request comprising a first FQDN that matches to the first domain name to each of the plurality of data centers, determine that the first FQDN was resolved in one or more data centers of the plurality of data centers; and for each of the one or more data centers in which the first FQDN was resolved, configure forwarding of DNS requests that indicate the first FQDN to the data center. 14. The non-transitory machine-readable media of claim 13 , wherein the program code further comprises instructions to: based on forwarding of a second DNS request comprising a second FQDN that matches to the first domain name to each of the plurality of data centers, determine that the second FQDN was resolved in one or more data centers of the plurality of data centers, wherein the second FQDN differs from the first FQDN, wherein at least a first of the one or more data centers in which the second FQDN was resolved differs from any of the one or more data centers in which the first FQDN was resolved; and for each of the one or more data centers in which the second FQDN was resolved, configure forwarding of DNS requests that indicate the second FQDN to the data center. 15. An appar

Assignees

Palo Alto Networks Inc

Inventors

Classifications

H04L61/5007
Internet protocol [IP] addresses · CPC title
H04L61/4511Primary
using domain name system [DNS] · CPC title

Patent family

Related publications grouped by family.

View patent family 94216814

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12401616B2 cover?: A network controller communicates a wildcard domain name defined by a tenant and IP addresses of data centers for which a tenant has configured that wildcard to network elements of a network fabric through which the data centers are accessible. Each network element creates a rule to forward DNS requests with FQDNs that match the wildcard to each data center IP address. When a network element re…
Who is the assignee on this patent?: Palo Alto Networks Inc
What technology area does this patent fall under?: Primary CPC classification H04L61/4511. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Aug 26 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).

How to read this patent

Abstract

First claim

Assignees

Inventors

Classifications

Patent family

External sources

Related patents

Systems and methods for udp network traffic routing to distributed data centers via cloud vpn

Reverse TCP/IP stack

Logical forwarding element identifier translation between datacenters

Resolution of domain name requests in heterogeneous network environments

Systems and methods for utilization of anycast techniques in a DNS architecture

Resolution of domain name requests in heterogeneous network environments

Cloud-based virtual private access systems and methods

Frequently asked questions