System and method for suppressing DNS requests
US-9819513-B2 · Nov 14, 2017 · US
US2017353331A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2017353331-A1 |
| Application number | US-201715620617-A |
| Country | US |
| Kind code | A1 |
| Filing date | Jun 12, 2017 |
| Priority date | Jan 27, 2015 |
| Publication date | Dec 7, 2017 |
| Grant date | — |
Abstract
A virtual private router (VPR) intercepts DNS requests and returns a pseudo IP address to the requesting application and the pseudo IP address is mapped to a domain name in the request. Requests for content including the pseudo IP address are modified to include the corresponding domain name and transmitted to an intermediary server, which resolves the domain name to a real IP address and forwards the content request. The content is received by the intermediary server, which returns it to the requesting application, such as by way of the VPR. Real IP addresses may be returned by the intermediary server such that subsequent content requests to the domain name may bypass the intermediary server. Requests for certain domains, ports, and/or protocols may bypass the intermediary server such that the VPR resolves the domain names to real IP addresses.
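The abstract describes a split flow: the client-side module answers DNS itself with a pseudo address, carries the domain name along with the tunnelled traffic, and the intermediary (VPN) server does the real resolution and destination rewrite. The following is an added example, not the patent's own code, that models that flow end to end, including the three side paths the abstract mentions (a learned real IP that lets later requests skip the server, a domain on a bypass list that the VPR resolves itself, and a bypassed port). My assumptions, not the patent's: pseudo addresses come from the reserved 198.18.0.0/15 block, "traffic" is a small `Packet` record rather than real datagrams, and DNS on both sides is a lookup in a constructed table using documentation-range addresses.

```python
"""Added example, not the patent's own code: a toy model of the client
'module' (the VPR) and the VPN server from the abstract and claims 1-8.
Assumed here, not stated by the patent: pseudo IPs come from 198.18.0.0/15,
'traffic' is a small Packet record, and DNS is a constructed dict lookup."""
import ipaddress
from dataclasses import dataclass

PSEUDO_POOL = ipaddress.ip_network("198.18.0.0/15")   # assumed non-routable pool

# Constructed stand-in for DNS; documentation-range addresses, not real hosts.
FAKE_DNS = {"www.example.com": "203.0.113.10",
            "intranet.corp": "198.51.100.5",
            "ssh.example.net": "203.0.113.22"}


def fake_resolve(domain):
    return FAKE_DNS[domain]


@dataclass(frozen=True)
class Packet:
    dst_ip: str
    dst_port: int
    proto: str
    payload: bytes


class ClientModule:
    """Suppresses DNS, hands out pseudo IPs, rewrites outbound traffic (claims 1, 4)."""

    def __init__(self, bypass_domains=(), bypass_ports=()):
        self._pool = PSEUDO_POOL.hosts()
        self.pseudo_by_domain, self.domain_by_pseudo = {}, {}
        self.real_by_domain = {}             # real IPs learned from the server
        self.bypass_domains = set(bypass_domains)
        self.bypass_ports = set(bypass_ports)
        self.suppressed = 0                  # DNS queries that never left the host

    def resolve(self, domain):
        """Intercepted DNS request from the application."""
        if domain in self.bypass_domains:
            return fake_resolve(domain)      # VPR resolves bypassed domains itself
        if domain in self.real_by_domain:
            return self.real_by_domain[domain]   # learned real IP: skip the server
        self.suppressed += 1                 # the real query is never sent
        ip = self.pseudo_by_domain.get(domain)
        if ip is None:
            ip = str(next(self._pool))
            self.pseudo_by_domain[domain] = ip
            self.domain_by_pseudo[ip] = domain
        return ip

    def send(self, pkt):
        """Intercepted outbound traffic: ('direct', Packet) or ('tunnel', envelope)."""
        domain = self.domain_by_pseudo.get(pkt.dst_ip)
        if domain is None:
            return "direct", pkt             # routable destination, untouched
        if pkt.dst_port in self.bypass_ports:
            real = fake_resolve(domain)      # bypass by port: VPR resolves, sends direct
            return "direct", Packet(real, pkt.dst_port, pkt.proto, pkt.payload)
        # conversion (claim 4): carry the domain name with the traffic, then encapsulate
        return "tunnel", {"domain": domain, "inner": pkt}


class VpnServer:
    """Dis-encapsulates, maps pseudo IP to a name, resolves, rewrites (claims 1, 5, 6, 8)."""

    def __init__(self):
        self.domain_by_pseudo = {}           # claim 8: server-side mapping

    def handle(self, envelope):
        inner = envelope["inner"]            # dis-encapsulate
        domain = envelope.get("domain") or self.domain_by_pseudo[inner.dst_ip]
        self.domain_by_pseudo[inner.dst_ip] = domain
        real = fake_resolve(domain)          # DNS happens here, not on the client
        return Packet(real, inner.dst_port, inner.proto, inner.payload), real


def run_scenario():
    """One client/server exchange; returns the observable results."""
    client = ClientModule(bypass_domains={"intranet.corp"}, bypass_ports={22})
    server, out = VpnServer(), {}

    pseudo = client.resolve("www.example.com")
    out["pseudo"] = pseudo                                   # 198.18.0.1
    kind, env = client.send(Packet(pseudo, 443, "tcp", b"\x16\x03\x01"))
    out["first_path"] = kind                                 # tunnel
    modified, real = server.handle(env)
    out["server_dst"] = modified.dst_ip                      # 203.0.113.10
    client.real_by_domain["www.example.com"] = real          # server returned the real IP
    out["second_resolve"] = client.resolve("www.example.com")  # real IP now
    out["second_path"] = client.send(Packet(real, 443, "tcp", b""))[0]  # direct

    out["bypass_domain"] = client.resolve("intranet.corp")   # resolved locally
    ssh_pseudo = client.resolve("ssh.example.net")
    kind, pkt = client.send(Packet(ssh_pseudo, 22, "tcp", b"SSH-2.0-"))
    out["bypass_port"] = (kind, pkt.dst_ip)                  # ('direct', 203.0.113.22)
    out["suppressed"] = client.suppressed                    # 2
    return out
```

Two things the model makes visible that matter in a real deployment: the pseudo pool must never overlap an address the host can actually route to, or `send` cannot tell tunnelled from direct traffic, and every bypass path (learned real IP, bypass domain, bypass port) is a DNS query that leaves the host in the clear, so the bypass lists are the DNS-leak surface of the design.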
Claims (preview).
What is claimed is:

1. A method for managing virtual private network (VPN) connections, the method comprising: receiving, by a VPN server computer, first encapsulated traffic from a computing device; dis-encapsulating, by the VPN server computer, the first encapsulated traffic to obtain first traffic; modifying, by the VPN server computer, the first traffic, the modifying including replacing a first internet protocol (IP) address in the first traffic with a second IP address to obtain modified first traffic; and transmitting, by the VPN server computer, the modified first traffic to the second IP address; wherein the first IP address is a non-routable IP address and the second IP address is a routable IP address; wherein the method further comprises: intercepting from an application executing on the computing device by a module executing on the computing device, a domain resolution request including a first domain name, the domain resolution request addressed to a first external server; suppressing, by the module, transmission of the domain resolution request to the external server; returning, by the module to the application, the first IP address as a response to the domain resolution request; receiving from the application by the module, a second traffic addressed to the first IP address; encapsulating, by the module, the second traffic to generate the first encapsulated traffic, the first traffic including at least part of the second traffic; and transmitting, by the module, the first encapsulated traffic to the VPN server.

2. The method of claim 1, wherein the first traffic includes at least part of the first domain name.

3. The method of claim 2, wherein at least part of the first domain name is provided in at least one of a HOST header, SNI header and CONNECT header.

4. The method of claim 2, further comprising: intercepting from the application by the module, the second traffic addressed to the first IP address; in response to intercepting from the application by the module, the second traffic: determining, by the module, a domain name corresponding to the first IP address; converting, by the module, the second traffic into the first traffic, the conversion including adding at least part of the domain name corresponding to the first IP address to the second traffic.

5. The method of claim 1, wherein replacing, by the VPN server computer, the first IP address in the first traffic with the second IP address further comprises: obtaining, for the first traffic, a domain name corresponding to the first IP address; and resolving the domain name to obtain the second IP address.

6. The method of claim 5, wherein resolving the domain name to the second IP address comprises issuing, by the VPN server computer, a domain name service (DNS) request including the domain name to a DNS server and receiving a response with the second IP address from the DNS server.

7. The method of claim 1, wherein replacing, by the VPN server computer, the first IP address in the first traffic with the second IP address further comprises: identifying, by the VPN server computer, in the first traffic, a pointer; retrieving, by the VPN server computer, a text string referenced by the pointer; and resolving the text string to obtain the second IP address.

8. A method for managing virtual private network (VPN) connections, the method comprising: receiving, by a VPN server computer, first encapsulated traffic from a computing device; dis-encapsulating, by the VPN server computer, the first encapsulated traffic to obtain first traffic; replacing, by the VPN server computer, a first internet protocol (IP) address in the first traffic with a second IP address to obtain modified first traffic; and transmitting, by the VPN server computer, the modified first traffic to the second IP address; wherein replacing, by the VPN server computer, the first IP address in the first traffic with the second IP address further comprises: mapping, by the VPN server, the first IP address to a domain name; resolving the domain name to the second IP address, the second IP address being different from the first IP address.

9. The method of claim 8, where the first IP address corresponds to a first content server and the second IP address corresponds to a second content server, the first and second content servers being located at different distances from the VPN server.

10. A system for managing virtual private network (VPN) connections, the system comprising one or more processors and one or more memory devices operably coupled to the one or more processors, the one or more memory devices storing executable and operational data effective to cause the one or more processors to: receive first encapsulated traffic from a computing device; dis-encapsulating the first encapsulated traffic to obtain first traffic; modify the first traffic by replacing a first internet protocol (IP) address in the first traffic with a second IP address to obtain modified first traffic; and transmit the modified first traffic to the second IP address; wherein the first IP address is a non-routable IP address and the second IP address is a routable IP address; wherein the system further comprises the computing device, the computing device programmed to: intercept from an application executing on the computing device by a module executing on the computing device, a domain resolution request including a first domain name, the domain resolution request addressed to a first external server; suppress, by the module, transmission of the domain resolution request to the external server; returning, by the module to the application, the first IP address as a response to the domain resolution request; receive from the application by the module, a second traffic addressed to the first IP address; encapsulate, by the module, the second traffic to generate the first encapsulated traffic, the first traffic including at least part of the second traffic; and transmit, by the module, the first encapsulated traffic to the VPN server.

11. The system of claim 10, wherein the first traffic includes at least part of the first domain name.

12. The system of claim 11, wherein at least part of the first domain name is provided in at least one of a HOST header, SNI header, and CONNECT header.

13. The system of claim 11, wherein the computing device is further programmed to: intercept from the application by the module, the second traffic addressed to the first IP address; in response to intercepting from the application by the module, the second traffic: determine, by the module a domain name corresponding to the first IP address; convert, by the module, the second traffic into the first traffic, the conversion including adding at least part of the domain name corresponding to the first IP address to the second traffic.

14. The system of claim 10, wherein the executable and operational data is further effective to cause the one or more processors to replace the first IP address in the first traffic with the second IP address by: obtaining, for the first traffic, a domain name corresponding to the first IP address; and resolving the domain name to obtain the second IP address.

15. The system of claim 14, wherein the executable and operational data is further effective to cause the one or more processors to resolve the domain name to the second IP address by issuing a domain name service (DNS) request including the domain name to a DNS server and receiving a response with the second IP address fr
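Claims 3 and 12 name the three places the server can find the domain name inside the forwarded traffic: an HTTP Host header, an HTTP CONNECT request line, and the TLS SNI extension. The following is an added example, not the patent's own code, showing what that extraction looks like on raw bytes. The ClientHello builder and the sample requests are constructed for this example; the wire layouts follow RFC 5246/RFC 6066 for TLS and RFC 7230 for HTTP/1.1. Nothing here is the patent's "pointer" of claim 7; that is the patent's term and the code only locates the name by parsing.

```python
"""Added example, not the patent's own code: recover the domain name from the
first bytes of a flow in the three places claims 3 and 12 name. The
ClientHello builder and sample requests are constructed for this example."""
import struct

HTTP_METHODS = {b"CONNECT", b"GET", b"POST", b"PUT", b"HEAD", b"DELETE", b"OPTIONS", b"PATCH"}


def _strip_port(authority):
    """host:port or [v6]:port -> host, as bytes."""
    if authority.startswith(b"["):
        return authority[1:authority.index(b"]")]
    return authority.rsplit(b":", 1)[0]


def host_from_http(data):
    """Host from a plaintext HTTP/1.1 request: CONNECT target or Host header."""
    lines = data.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    method, _, rest = lines[0].partition(b" ")
    if method == b"CONNECT":                      # CONNECT host:port HTTP/1.1
        return _strip_port(rest.split(b" ", 1)[0]).decode("ascii").lower()
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            return _strip_port(value.strip()).decode("ascii").lower()
    return None


def sni_from_client_hello(data):
    """Walk a TLS record holding a ClientHello; return server_name or None.
    Malformed or truncated input must not crash the server, so every short
    read becomes None instead of an exception."""
    try:
        if data[0] != 0x16 or data[5] != 0x01:    # handshake record, ClientHello
            return None
        body = data[9:9 + int.from_bytes(data[6:9], "big")]
        pos = 2 + 32                              # client_version + random
        pos += 1 + body[pos]                      # session_id
        pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]   # cipher_suites
        pos += 1 + body[pos]                      # compression_methods
        if pos + 2 > len(body):
            return None                           # no extensions present
        end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            ext, pos = body[pos + 4:pos + 4 + elen], pos + 4 + elen
            if etype != 0:                        # 0 = server_name
                continue
            p, lst_end = 2, 2 + struct.unpack("!H", ext[:2])[0]
            while p + 3 <= lst_end:
                ntype, nlen = ext[p], struct.unpack("!H", ext[p + 1:p + 3])[0]
                if ntype == 0:                    # host_name
                    return ext[p + 3:p + 3 + nlen].decode("ascii").lower()
                p += 3 + nlen
        return None
    except (IndexError, struct.error, UnicodeDecodeError):
        return None


def build_client_hello(hostname):
    """Constructed minimal ClientHello carrying only an SNI extension."""
    name = hostname.encode("ascii")
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    ext = struct.pack("!HH", 0, len(sni)) + sni
    body = (b"\x03\x03" + bytes(32) + b"\x00"          # version, random, no session id
            + b"\x00\x02\x13\x01"                      # one cipher suite
            + b"\x01\x00"                              # null compression
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


def domain_from_traffic(data):
    """Name lookup the VPN server performs before resolving (claims 3, 5)."""
    if data[:1] == b"\x16":
        return sni_from_client_hello(data)
    if data.split(b" ", 1)[0] in HTTP_METHODS:
        return host_from_http(data)
    return None      # e.g. raw SSH: fall back to the pseudo-IP-to-domain mapping of claim 8
```

Two caveats a practitioner will want. The extracted name is client-controlled, so the server should apply any domain policy to the parsed name and never treat it as already vetted; and some flows carry no name at all (non-HTTP protocols, or TLS with Encrypted ClientHello, which hides the SNI), which is exactly why the server keeps its own pseudo-IP-to-domain mapping (claim 8) as the fallback.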
Electricity · mapped topic
Network architectures or network communication protocols for network security (cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00; network architectures or network communication protocols for wireless network security H04W12/00; security arrangements for protecting computers or computer systems against unauthorised activity G06F21/00) · CPC title