Extensible access control architecture
US-9185091-B2 · Nov 10, 2015 · US
US9819513B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9819513-B2 |
| Application number | US-201514606610-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 27, 2015 |
| Priority date | Jan 27, 2015 |
| Publication date | Nov 14, 2017 |
| Grant date | Nov 14, 2017 |
Official abstract text for this publication.
A virtual private router (VPR) intercepts DNS requests and returns a pseudo IP address to the requesting application and the pseudo IP address is mapped to a domain name in the request. Requests for content including the pseudo IP address are modified to include the corresponding domain name and transmitted to an intermediary server, which resolves the domain name to a real IP address and forwards the content request. The content is received by the intermediary server, which returns it to the requesting application, such as by way of the VPR. Real IP addresses may be returned by the intermediary server such that subsequent content requests to the domain name may bypass the intermediary server. Requests for certain domains, ports, and/or protocols may bypass the intermediary server such that the VPR resolves the domain names to real IP addresses.
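The abstract describes a client-side module (the VPR) and a server-side intermediary that split name resolution between them. The following Python simulation is an added example, not code from the patent or its assignee; it models the flow with in-memory objects so the control logic can be read end to end: the VPR answers intercepted DNS requests with a pseudo address from a non-routable pool (assumed here to be the shared address space 100.64.0.0/10), rewrites content requests addressed to a pseudo address so they carry the domain name, and hands them to the intermediary, which resolves the name, substitutes the routable address and forwards the request. It also covers the two bypass paths in the abstract: a real IP returned by the intermediary lets later requests for that domain skip the intermediary, and domains or ports on a bypass list are resolved by the VPR itself. The DNS table, address values and "fetch" are constructed stand-ins.

```python
import ipaddress

# Constructed pseudo-address pool. Assumption: the non-routable shared address
# space 100.64.0.0/10 is used; any non-routable range would serve the same role.
PSEUDO_POOL = ipaddress.ip_network("100.64.0.0/10")

# Constructed resolver table standing in for the intermediary's real DNS lookups.
UPSTREAM_DNS = {
    "example.com": "93.184.216.34",        # constructed sample value
    "files.example.net": "198.51.100.7",   # constructed sample value
}


def simulated_fetch(real_ip, port):
    """Stand-in for the actual content request to a routable address."""
    return f"payload from {real_ip}:{port}"


class VirtualPrivateRouter:
    """Client-side module: intercepts DNS requests and content requests."""

    def __init__(self, bypass_domains=(), bypass_ports=()):
        self.bypass_domains = set(bypass_domains)
        self.bypass_ports = set(bypass_ports)
        self._pool = PSEUDO_POOL.hosts()   # hands out 100.64.0.1, 100.64.0.2, ...
        self.pseudo_to_domain = {}
        self.domain_to_pseudo = {}
        self.learned_real = {}             # domain -> real IP returned by the intermediary

    def resolve(self, domain):
        """Answer an intercepted DNS request; the upstream lookup is suppressed
        unless a bypass rule applies or a real IP was previously learned."""
        if domain in self.learned_real:
            return self.learned_real[domain]
        if domain in self.bypass_domains:
            return UPSTREAM_DNS[domain]    # VPR resolves bypassed domains itself
        if domain not in self.domain_to_pseudo:
            pseudo = str(next(self._pool))
            self.domain_to_pseudo[domain] = pseudo
            self.pseudo_to_domain[pseudo] = domain
        return self.domain_to_pseudo[domain]

    def outbound(self, dst_ip, dst_port):
        """Route a content request. Returns (route, payload): pseudo-addressed
        requests are rewritten to carry the domain name and encapsulated."""
        domain = self.pseudo_to_domain.get(dst_ip)
        if domain is None:                 # already routable: send directly
            return "direct", {"ip": dst_ip, "port": dst_port}
        if dst_port in self.bypass_ports:  # port bypass: VPR resolves the name
            return "direct", {"ip": UPSTREAM_DNS[domain], "port": dst_port}
        # Both the domain name and the non-routable address travel in the
        # destination field of the encapsulated request.
        return "intermediary", {"domain": domain, "pseudo_ip": dst_ip, "port": dst_port}

    def inbound(self, domain, reply):
        """Accept the intermediary's reply; remember a real IP if one was returned."""
        if "real_ip" in reply:
            self.learned_real[domain] = reply["real_ip"]
        return reply["content"]


class IntermediaryServer:
    """Server side: resolves the carried domain name and forwards the request."""

    def __init__(self, dns_table, return_real_ip=False):
        self.dns_table = dns_table
        self.return_real_ip = return_real_ip
        self.log = []                      # (domain, pseudo_ip, real_ip) per request

    def handle(self, encapsulated):
        msg = dict(encapsulated)           # dis-encapsulate (trivial in this model)
        if ipaddress.ip_address(msg["pseudo_ip"]) not in PSEUDO_POOL:
            raise ValueError("expected a non-routable pseudo address")
        real_ip = self.dns_table[msg["domain"]]
        self.log.append((msg["domain"], msg["pseudo_ip"], real_ip))
        reply = {"content": simulated_fetch(real_ip, msg["port"])}
        if self.return_real_ip:
            reply["real_ip"] = real_ip     # lets the client bypass this server next time
        return reply


def fetch_via_vpr(vpr, server, domain, port):
    """One application-level request, end to end. Returns (route, content)."""
    ip = vpr.resolve(domain)
    route, payload = vpr.outbound(ip, port)
    if route == "direct":
        return route, simulated_fetch(payload["ip"], payload["port"])
    return route, vpr.inbound(domain, server.handle(payload))


if __name__ == "__main__":
    vpr = VirtualPrivateRouter(bypass_domains={"files.example.net"}, bypass_ports={22})
    srv = IntermediaryServer(UPSTREAM_DNS, return_real_ip=True)
    print(fetch_via_vpr(vpr, srv, "example.com", 443))   # via intermediary
    print(fetch_via_vpr(vpr, srv, "example.com", 443))   # direct, real IP learned
    print(fetch_via_vpr(vpr, srv, "files.example.net", 443))  # domain bypass
```

The point worth noticing from a defender's side is the server-side check in `handle`: the intermediary only accepts destinations from the pseudo pool, so a request that already carries a routable address cannot use the intermediary as an open forwarder, and the `log` records every pseudo-to-real substitution, which is the natural audit point for this design.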
Opening claim text (preview).
What is claimed is:

1. A method for managing virtual private network (VPN) connections, the method comprising: receiving, by a VPN server computer, first encapsulated traffic from a computing device; dis-encapsulating, by the VPN server computer, the first encapsulated traffic to obtain first traffic; replacing, by the VPN server computer, a first internet protocol (IP) address in the first traffic with a second internet protocol address; and transmitting, by the VPN server computer, the first traffic to the second IP address; wherein the first IP address is a non-routable IP address and the second IP address is a routable IP address; wherein the method further comprises: intercepting from an application executing on the computing device by a module executing on the computing device, a domain resolution request including a domain name, the domain resolution request addressed to a first external server; suppressing, by the module, transmission of the domain resolution request to the external server; returning, by the module to the application, the non-routable IP address as a response to the domain resolution request; intercepting from the application by the module, a VPN communication addressed to the VPN server, the VPN communication including the non-routable IP address; in response to intercepting from the application by the module, the VPN communication addressed to the VPN server, generating, by the module, a modified VPN communication including both the domain name and the non-routable IP address in a destination address field; encapsulating, by the module, the modified VPN communication to generate the first encapsulated traffic; and transmitting, by the module, the modified content request to the VPN server.
2. The method of claim 1, wherein replacing, by the VPN server computer, the first IP address in the first traffic with the second IP address further comprises: identifying, for the first encapsulated traffic, a domain name corresponding to the first IP address; and resolving the domain name to obtain the second IP address.
3. The method of claim 2, wherein resolving the domain name to the second IP address comprises issuing, by the VPN server computer, a domain name service (DNS) request including the domain name to a DNS server and receiving a response with the second IP address from the DNS server.
4. The method of claim 1, wherein replacing, by the VPN server computer, the first internet protocol (IP) address in the first traffic with the second internet protocol address further comprises: identifying, by the VPN server computer, in the first encapsulated traffic, a pointer; retrieving, by the VPN server computer, a text string referenced by the pointer; and resolving the text string to obtain the second IP address.
5. The method of claim 1, wherein replacing, by the VPN server computer, the first IP address in the first traffic with the second IP address further comprises: mapping, by the VPN server, the first IP address to a domain name; resolving the domain name to the second IP address, the second IP address corresponding to a second content server that is closer to the VPN server than a first content server corresponding to the first IP address.
6. A method for managing virtual private network (VPN) connections, the method comprising: receiving, by a VPN server computer, first encapsulated traffic from a computing device; dis-encapsulating, by the VPN server computer, the first encapsulated traffic to obtain first traffic; replacing, by the VPN server computer, a first internet protocol (IP) address in the first traffic with a second internet protocol address; and transmitting, by the VPN server computer, the first traffic to the second IP address; wherein replacing, by the VPN server computer, the first IP address in the first traffic with the second IP address further comprises: determining, by the VPN server, that the first IP address corresponds to a first content server that is greater than a threshold distance from the VPN server; in response to determining, by the VPN server, that the first IP address corresponds to the first content server that is greater than a threshold distance from the VPN server: mapping, by the VPN server, the first IP address to a domain name; resolving the domain name to the second IP address, the second IP address corresponding to a second content server that is closer to the VPN server than the first content server.
7. The method of claim 1, wherein replacing, by the VPN server computer, the first internet protocol (IP) address in the first traffic with a second internet protocol address is performed within a VPN tunnel of the first encapsulated traffic.
8. A system for managing virtual private network (VPN) connections, the system comprising one or more processors and one or more memory devices operably coupled to the one or more processors, the one or more memory devices storing executable and operational data effective to cause the one or more processors to: receive first encapsulated traffic from a computing device; dis-encapsulate the first encapsulated traffic to obtain first traffic; replace a first internet protocol (IP) address in the first traffic with a second internet protocol address; and transmit the first traffic to the second IP address; wherein the first IP address is a non-routable IP address and the second IP address is a routable IP address; wherein the system further comprises the computing device, the computing device programmed to: intercept from an application executing on the computing device by a module executing on the computing device, a domain resolution request including a domain name, the domain resolution request addressed to a first external server; suppress, by the module, transmission of the domain resolution request to the external server; return, by the module to the application, the non-routable IP address as a response to the domain resolution request; intercept from the application by the module, a VPN communication addressed to the VPN server, the VPN communication including the non-routable IP address; in response to intercepting from the application by the module, the VPN communication addressed to the VPN server, generate, by the module, a modified VPN communication including both the domain name and the non-routable IP address in a destination address field; encapsulate, by the module, the modified VPN communication to generate the first encapsulated traffic; and transmit, by the module, the modified content request to the VPN server.
9. The system of claim 8, wherein the executable and operational data are further effective to cause the one or more processors to replace the first IP address in the first traffic with the second IP address further by: identifying, in the first encapsulated traffic, a domain name; and resolving the domain name to obtain the second IP address.
10. The system of claim 9, wherein the executable and operational data are further effective to cause the one or more processors to resolve the domain name to the second IP address by issuing a domain name service (DNS) request including the domain name to a DNS server and receiving a response with the second IP address from the DNS server.
11. The system of claim 8, wherein the executable and operational data are further effective to cause the one or more processors to replace the first internet protocol (IP) address in the first traffic with the second internet protocol address further by: identifying, by the VPN server computer, in the first encapsulated traffic, a pointer; retrieving, by the VPN server computer, a text string referenced by
CPC classifications:

- Virtual LANs, VLANs, e.g. virtual private networks [VPN] (LAN interconnection over a bridge based backbone H04L12/462; encapsulation techniques H04L12/4633; routing of packets H04L45/00; packet switches H04L49/00; virtual private networks for security H04L63/0272)
- Network architectures or network communication protocols for network security (cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00; network architectures or network communication protocols for wireless network security H04W12/00; security arrangements for protecting computers or computer systems against unauthorised activity G06F21/00)
- Mapped topic: Electricity