1262 results about "Domain Name System" patented technology

A system and method for balancing the load on virtual servers managed by server array controllers at separate data centers that are geographically distributed on a wide area network such as the Internet is described. The virtual servers provide access to resources associated with a domain name request by a client program. When a Primary Domain Name System (DNS) determined the requested domain name is delegated to a EDNS, the EDNS employs metric information and statistics to resolve an IP address for a virtual server that is selected by the EDNS to optimally balance the load and provide access to resources associated with the domain name. The EDNS may load balance name servers. Additionally, the name server load balancing system may bridge disparate content delivery networks. Internet addresses are divided into geographical information that is used to delegate traffic. Also, metric information is collected and analyzed to help distribute the traffic.

Malicious network activities do not make use of the Domain Name System (DNS) protocol to reach remote targets outside a local network. This DNS-based enforcement system for confinement and detection of network malicious activities requires that every connection toward a resource located outside the local network is blocked by default by the local enforcement box, e.g. a firewall or a proxy. Outbound connections are allowed to leave the local network only when authorized directly by an entity called the DNS Gatekeeper.

A serverless name resolution protocol ensures convergence despite the size of the network, without requiring an ever-increasing cache and with a reasonable numbers of hops. This convergence is ensured through a multi-level cache and a proactive cache initialization strategy. The multi-level cache is built based on a circular number space. Each level contains information from different levels of slivers of the circular space. A mechanism is included to add a level to the multi-level cache when the node determines that the last level is full. A peer-to-peer name resolution protocol (PNRP) includes a mechanism to allow resolution of names which are mapped onto the circular number space through a hash function. Further, the PNRP may also operate with the domain name system by providing each node with an identification consisting of a domain name service (DNS) component and a unique number.

A scalable domain name system with persistence and load balancing receives requests from client DNS servers or other DNS servers. Each DNS server is associated with a subset of the DNS groups in the network and the invention checks to see if the client DNS server is part of the DNS group that the DNS server is authoritative. If the DNS server is not authoritative for the client DNS server's group, then the request is forwarded to the proper DNS server. The receiving DNS checks to see if a persistent response is required for the request. If a persistent response is required, the appropriate IP address is returned to the requestor. If a persistent response is not required, the load, availability, and latency of the content servers are used to determine the proper content server's address to return to the requestor.

A program running on a web server allows automated domain name registration, modification and management through an interface running on a client machine. The program redefines the concept of the Domain Name System zones by breaking them down into discrete records that can be managed in a database. The structuring of domain records in such a way allows global modifications to a given record type for all domains owned by a given domain name Registrant. Further, when run on the web server of an accredited registrar, the program enables domain name Registrants an easy and efficient way to reliably monitor and manage their domain name property.

A Domain Name System (DNS) server is configured for dynamically selecting, for a client device, a selected resolution from available resolutions, the selected resolution identifying at least one destination for the specified service. The dynamic selection of the selected resolution is based on an attribute of the client device and / or a determined attribute of the network. Hence, the selected resolution directs the client device to a specific server based on prescribed selection criteria, for example service level agreements, the location of the client device, network performance or detected congestion conditions, authentication of the user of the client device, etc. The selected resolution also can be for enforcement of load balancing policies.

A Domain Name System (DNS) server of a conventional DNS includes a DNS query having a highest level domain (HLD), a root zone having at least one root resource record adapted to resolve said DNS query when it is determined that said HLD is a top level domain alias (TLDA).

An out-of-band Domain Name System (DNS) security technique uses a cryptographic blockchain for securing and validating DNS data in a chain of custody that exists outside the DNS namespace, allowing validated access to cached DNS information without requiring real-time access to root servers.

The present invention is a network architecture or framework that supports hosting and content distribution on a truly global scale. The inventive framework allows a Content Provider to replicate and serve its most popular content at an unlimited number of points throughout the world. The inventive framework comprises a set of servers operating in a distributed manner. The actual content to be served is preferably supported on a set of hosting servers (sometimes referred to as ghost servers). This content comprises HTML page objects that, conventionally, are served from a Content Provider site. In accordance with the invention, however, a base HTML document portion of a Web page is served from the Content Provider's site while one or more embedded objects for the page are served from the hosting servers, preferably, those hosting servers near the client machine. By serving the base HTML document from the Content Provider's site, the Content Provider maintains control over the content.

A Domain Name System (DNS) server is configured for dynamically selecting, for a client device, a selected resolution from available resolutions, the selected resolution identifying at least one destination for the specified service. The dynamic selection of the selected resolution is based on an attribute of the client device and / or a determined attribute of the network. Hence, the selected resolution directs the client device to a specific server based on prescribed selection criteria, for example service level agreements, the location of the client device, network performance or detected congestion conditions, authentication of the user of the client device, etc. The selected resolution also can be for enforcement of load balancing policies.

A serverless name resolution protocol ensures convergence despite the size of the network, without requiring an ever-increasing cache and with a reasonable numbers of hops. This convergence is ensured through a multi-level cache and a proactive cache initialization strategy. The multi-level cache is built based on a circular number space. Each level contains information from different levels of slivers of the circular space. A mechanism is included to add a level to the multi-level cache when the node determines that the last level is full. A peer-to-peer name resolution protocol (PNRP) includes a mechanism to allow resolution of names which are mapped onto the circular number space through a hash function. Further, the PNRP may also operate with the domain name system by providing each node with an identification consisting of a domain name service (DNS) component and a unique number.

A serverless name resolution protocol ensures convergence despite the size of the network, without requiring an ever-increasing cache and with a reasonable numbers of hops. This convergence is ensured through a multi-level cache and a proactive cache initialization strategy. The multi-level cache is built based on a circular number space. Each level contains information from different levels of slivers of the circular space. A mechanism is included to add a level to the multi-level cache when the node determines that the last level is full. A peer-to-peer name resolution protocol (PNRP) includes a mechanism to allow resolution of names which are mapped onto the circular number space through a hash function. Further, the PNRP may also operate with the domain name system by providing each node with an identification consisting of a domain name service (DNS) component and a unique number.

A serverless name resolution protocol ensures convergence despite the size of the network, without requiring an ever-increasing cache and with a reasonable numbers of hops. This convergence is ensured through a multi-level cache and a proactive cache initialization strategy. The multi-level cache is built based on a circular number space. Each level contains information from different levels of slivers of the circular space. A mechanism is included to add a level to the multi-level cache when the node determines that the last level is full. A peer-to-peer name resolution protocol (PNRP) includes a mechanism to allow resolution of names which are mapped onto the circular number space through a hash function. Further, the PNRP may also operate with the domain name system by providing each node with an identification consisting of a domain name service (DNS) component and a unique number.

Some aspects of the methods and systems presented relate to performing stateless address translation between IPv4 capable devices to IPv6 capable networks and devices. Stateless address translation may form a new IPv6 addresses by combining the IPv4 address of a device with an IPv6 prefix address assigned to the translator. The translation may also combine the IPv4 destination address and UDP port information with the new IPv6 address. Existing Domain Name Systems (DNSs) may be leveraged for resolving the IPv4 and IPv6 addresses across different networks.

A system for resolving domain name system (DNS) queries, contains a communication device for resolving DNS queries, wherein the communication device further contains a memory and a processor that is configured by the memory, a cache storage for use by the communication device, and a network of authoritative domain name servers, where in a process of the communication device looking up a DNS request within the cache storage, if the communication device views an expired DNS entry within the cache storage, the communication device continues the process of looking up the DNS request in the cache storage while, in parallel, sending out a concurrent DNS request to an authoritative domain name server that the expired DNS entry belongs to.

The present invention provides an efficient way of resolving telephone numbers and other entity / device identifiers into Internet addresses as well as accommodating portability of those telephone numbers and other entity / device identifiers without having to substantially modify or rework the domain naming system (DNS) infrastructure or established number portability schemes. Self-contained, additional functionality is implemented on a DNS server which allows smooth IP address resolution of telephone numbers or other entity / device identifiers by taking advantage of existing portability databases without impacting the existing networks that create and maintain such portability databases.

A system and method for accessing a storage or computing device via the Internet using a Domain Name System (DNS)-based infrastructure is disclosed. One aspect of the methodology pertains to registering a storage device with a SIP registration server and associating it with an E.164 phone number. In one embodiment, a media device uses an ENUM engine to translate an E.164 number associated with a target storage device into a routable Internet address by using a Domain Name System (DNS)-based infrastructure. The routable Internet address is further used to establish real-time communication between the media device and the target device.

A technique to reduce the latency of a remote DNS lookup operation is disclosed. More specifically, a machine-readable medium, method, device, and system are described that scan a document when it is retrieved from the Internet. The scan takes place for one or more patterns, where each pattern denotes an Internet host name. The technique then asynchronously causes an Internet Domain Name System (DNS) server to translate each Internet host name pattern discovered from the document scan to an associated Internet Protocol (IP) address. The technique then asynchronously stores each translated IP address in a local DNS cache.

Methods and apparatus for disseminating over the Internet product information produced and maintained by product manufacturers using existing universal product codes (bar codes) as access keys. A cross-referencing resource preferably implemented by the existing Internet Domain Name System (DNS) receives Internet request messages containing all or part of a universal product code value and returns the Internet address at which data or services relating to the identified product, or to the manufacturer of that product, may be obtained. By using preferred Web data storage formats and protocol which conform to XML, XLS, XLink, Xpointer, RDF and Web service standards specifications, product and company information may be seamlessly identified, retrieved and integrated with information from other sources. A “web register” module can be employed to provide an Internet interface between a shared sales Internet server and an otherwise conventional inventory control system, and operates in conjunction with the cross-referencing server to provide detailed product information to Internet shoppers who may purchase goods from existing stores via the Internet.

A multilingual Domain Name System allows users to use Domain Names in non-Unicode or ASCII encodings. An international DNS server (or iDNS server) receives multilingual DNS requests and converts them to a format that can be used in the conventional Domain Name System. When the iDNS server first receives a DNS request, it determines the encoding type of that request. It may do this by considering the bit string in the top-level domain (or other portion) of the Domain Name and matching that string against a list of known bit strings for known top-level domains of various encoding types. One entry in the list may be the bit string for ".com" in Chinese BIG5, for example. After the iDNS server identifies the encoding type of the Domain Name, it converts the encoding of the Domain Name to Unicode. It then translates the Unicode representation to an ASCII representation conforming to the universal DNS standard. This is then passed into a conventional Domain Name System, which recognizes the ASCII format Domain Name and returns the associated IP address.

A CP participated contents delivery system and method, and a CDN DNS server of the system are provided. When a client detects an embedded object while parsing a page received from a web server, the client inquires of a local DNS server about the IP address of a server storing the object. The local DNS server receives the inquiry of the client and inquires of a CDN DNS server about the IP address of the server storing the object. The CDN DNS server selects a server located in proximity to the client from a host server of a CDN provider, which stores the object, and the web server. The selected server transmits the object to the client. Accordingly, the client can rapidly receive the object and a contents provider can promote qualitative contents providing service improvement.

The present invention is directed towards systems and methods for providing multiple modes of a zone for DNSSEC by an intermediary device. The method includes providing, by a device intermediary to a plurality of clients and a plurality of servers, a plurality of modes of a zone for Domain Name Service. The device receives a selection of a first mode of the zone of the plurality of modes of the zone. The device receives information identifying to enable DNS Security for the selected first mode. The device establishes the zone for DNS in accordance with the selected first mode and with DNS Security enabled.

Embodiments of the present invention include methods and systems for domain name system (DNS) pre-caching. A method for DNS pre-caching is provided. The method includes receiving uniform resource locator (URL) hostnames for DNS pre-fetch resolution prior to a user hostname request for any of the URL hostnames. The method also includes making a DNS lookup call for at least one of the URL hostnames that are not cached by a DNS cache prior to the user hostname request. The method further includes discarding at least one IP address provided by a DNS resolver for the URL hostnames, wherein a resolution result for at least one of the URL hostnames is cached in the DNS cache in preparation for the user hostname request. A system for DNS pre-caching is provided. The system includes a renderer, an asynchronous DNS pre-fetcher and a hostname table.

Techniques are provided for handling failures of DNS (domain name system) servers to respond to DNS queries. A DNS resolver is configured to resolve domain names, and includes a time-to-live (TTL)-based cache, a negative cache, and a long term store cache. The TTL-based cache is configured to temporarily store domain names with resolved IP addresses. The negative cache is configured to store negative entries that include information indicating domain names that were failed to be resolved. The long term store cache is configured to store domain names with resolved IP address for an indefinite time period. The caches are accessed in a manner that enables fewer DNS query retries to be performed when a DNS server is non-responsive, to reduce delays and network traffic. Furthermore, the DNS resolver may reduce a number of DNS queries performed the longer the DNS server stays non-responsive.

In one embodiment, a DNS security network includes several DNS appliances and a security operations center (SOC) server computer. The SOC server computer may receive telemetry data from the DNS appliances, the telemetry data comprising information about DNS client queries received in the respective DNS appliances. From the telemetry data, the SOC server computer may generate security policies for distribution to the DNS appliances. The security policies may be used by the DNS appliances to determine whether a DNS client query is originated by a client computer performing a prohibited activity (e.g., sending spam, communicating with a zombie control computer, navigating to a prohibited website, etc.). An answer to a client query may be replaced or discarded altogether in cases where the originator is performing a prohibited activity.

A device may receive a content distribution network (CDN) routing table from a topology manager; receive a request, from a device in either of a redirect CDN or a domain name system (DNS), to identify a target CDN for sending content to a user device; perform a lookup in the CDN routing table, based on information provided by the device and CDN selection policies, to select the target CDN; obtain an identifier corresponding to the target CDN as a result of performing the lookup; and provide the identifier to the device.

An efficient interface for service exchange is provided between a circuit-switched communications network and a domain naming system (DNS) in a packet-switched communications network. A node in the circuit-switched communications network receives from a first entity a request for a first service involving a second entity associated with a second entity identifier. A message is sent from the circuit-switched network node to a DNS server in the packet-switched network requesting a second service related to the second entity identifier. The result of the second service from the DNS server is used in providing the first service.

A method of content delivery in a content delivery network (CDN), where the CDN is deployed, operated and managed by a content delivery network service provider (CDNSP). The CDN comprises a set of content servers and a domain name system (DNS). For a given content provider, a determination is first made whether the content provider has “cold content” delivery requirements by evaluating one or more factors that include: total content size, size of content objects expected to be served, uniqueness of content, total number of content objects, and a percentage of the total content size that is expected to account for a given percentage of traffic. Upon a determination that the content provider has cold content delivery requirements, a subset of the CDN content servers are configured to implement a set of one or handling rules for managing delivery of the cold content from the CDN content servers.

A cloud-based method, system, and transparent proxy for user-level policy, reporting, and authentication over Domain Name System (DNS) include maintaining a local user Internet Protocol (IP) database identifying users in an enterprise; and acting as a transparent proxy for all DNS requests from the users performing the steps of: for a user already identified in the local user IP database, forwarding a DNS request to a cloud-based system with an identifier from the local user IP database of the user associated with the DNS request; and for the user not identified in the local user IP database, performing a series of redirects and hand offs in the cloud-based system to identify the user.

A system that provides users of both fixed and wireless Internet devices, a method of entering numbers instead of the text characters of Internet Uniform Resource Locators (URLs) and other Internet identifiers to access Internet resources and functions, such as Web sites, e-mail services, individual documents or files, location services, etc. When the user enters a WebNum, the digits of the WebNum are sent to a database on a system that is accessible over the Internet. The database maps the WebNum back to a Uniform Resource Locator (URL), which contains a hostname in the Internet domain name structure. This would subsequently be resolved through the Internet Domain Name System (DNS) to an IP address to identify the IP address of the Web site. The cell phone provider or WID network provider would then retrieve the home page of the Web site over the Internet, to return content to the cell phone or WID display.