Methods of collaborative hardware and software DNS acceleration and DDOS protection

US 10,530,758 B2
Filed: 12/16/2016
Issued: 01/07/2020
Est. Priority Date: 12/18/2015
Status: Active Grant

First Claim

Patent Images

1. A method for managing name service communications, executable by one or more name service devices with at least one processor executing the method, the method comprising actions to:

receive, by a hardware domain name service (DNS) processor on one or more name service devices, a name service query from one or more requesting computers;

perform, by the hardware DNS processor on the one or more name service devices, one or more operations on the name service query;

when, the name service query is unresolved by the one or more operations performed by the hardware DNS processor on the one or more name service devices, perform, by a second processor on the one or more name service devices, further operations, including;

provide, by the second processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query; and

send, by a third processor on the one or more name service devices, the name service reply to the hardware DNS processor on the one or more name service devices, wherein the second and third processors are implemented as software processors to increase an amount of operations over time that are performed by the one or more name service devices; and

send, by the hardware DNS processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query to the one or more requesting computers;

perform, by the hardware DNS processor on the one or more name service devices, operations to provide an index value for a software DNS processor lookup table;

perform, by the hardware DNS processor on the one or more name service devices, operations to provide a program that is associated with the software DNS processor; and

perform, by the hardware DNS processor on the one or more name service devices, operations based on instructions included in the program;

perform, by the third processor on the one or more name service devices, operations to compare fingerprint information that is based on the at least name service reply with other finger information that is associated with the name service query;

when the comparison provides an affirmative result, perform, by a fourth processor on the one or more name service devices, operations to authenticate the name service reply, wherein the fourth processor is implemented as a software processor; and

when the name service query is unresolved by the operation performed by the second processor on the one or more name service devices, perform, by a fourth processor on the one or more name service devices, the further operations, including;

perform, by the fourth processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service query;

perform, by the fourth processor on the one or more name service devices, operations to modify the name service query to include the fingerprint information; and

send, by the fourth processor on the one or more name service devices, the modified name service query to an external name service server, wherein the fourth processor is implemented as a software processor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments are directed towards managing name service communications. A name service device may be arranged to employ a hardware domain name service (DNS) processor to receive a name service query. The hardware DNS processor may perform operations on the name service query. If operations performed by the hardware DNS processor do not resolve the name service query, further operations may be performed. The name service device may be arranged to provide a name service reply that includes the answer to the name service query. And, the name service device may be arranged to send the name service reply back to the hardware DNS processor. Accordingly, the hardware DNS processor on the name service device may send the name service reply that includes at least an answer to the name service query to the requesting computers.

50 Citations

15 Claims

1. A method for managing name service communications, executable by one or more name service devices with at least one processor executing the method, the method comprising actions to:
- receive, by a hardware domain name service (DNS) processor on one or more name service devices, a name service query from one or more requesting computers;
  
  perform, by the hardware DNS processor on the one or more name service devices, one or more operations on the name service query;
  
  when, the name service query is unresolved by the one or more operations performed by the hardware DNS processor on the one or more name service devices, perform, by a second processor on the one or more name service devices, further operations, including;
  
  provide, by the second processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query; and
  
  send, by a third processor on the one or more name service devices, the name service reply to the hardware DNS processor on the one or more name service devices, wherein the second and third processors are implemented as software processors to increase an amount of operations over time that are performed by the one or more name service devices; and
  
  send, by the hardware DNS processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query to the one or more requesting computers;
  
  perform, by the hardware DNS processor on the one or more name service devices, operations to provide an index value for a software DNS processor lookup table;
  
  perform, by the hardware DNS processor on the one or more name service devices, operations to provide a program that is associated with the software DNS processor; and
  
  perform, by the hardware DNS processor on the one or more name service devices, operations based on instructions included in the program;
  
  perform, by the third processor on the one or more name service devices, operations to compare fingerprint information that is based on the at least name service reply with other finger information that is associated with the name service query;
  
  when the comparison provides an affirmative result, perform, by a fourth processor on the one or more name service devices, operations to authenticate the name service reply, wherein the fourth processor is implemented as a software processor; and
  
  when the name service query is unresolved by the operation performed by the second processor on the one or more name service devices, perform, by a fourth processor on the one or more name service devices, the further operations, including;
  
  perform, by the fourth processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service query;
  
  perform, by the fourth processor on the one or more name service devices, operations to modify the name service query to include the fingerprint information; and
  
  send, by the fourth processor on the one or more name service devices, the modified name service query to an external name service server, wherein the fourth processor is implemented as a software processor.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method set forth in claim 1, wherein one or more of the hardware DNS processor, the second processor, or the third processor are on the same name service device.
  - 3. The method set forth in claim 1, further comprising:
    - receive, by the hardware DNS processor on the one or more name service devices, the name service reply from one or more external name service servers; and
      
      perform, by the second processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service reply.
  - 4. The method set forth in claim 1, further comprises:
    - perform, by the hardware DNS processor on the one or more name service devices, operations to provide a memory address to a program in a memory of an associated processor; and
      
      perform, by the hardware DNS processor on the one or more name service devices, direct memory access to access one or more instructions of the program.
  - 5. The method set forth in claim 1, further comprises, when one or more conditions are met, perform, by a software DNS processor on the one or more name service devices, operations to provide a new program to the hardware DNS processor.

6. One or more name service computing devices comprising:
- memory comprising programmed instructions stored in the memory;
  
  one or more hardware DNS processors; and
  
  one or more processors configured to be capable of executing the programmed instructions stored in the memory to;
  
  receive a name service query from one or more requesting computers;
  
  perform, by the one or more hardware DNS processors, one or more operations on the name service query;
  
  when, the name service query is unresolved by the one or more operations performed by the one or more hardware DNS processors, perform, by the one or more processors, further operations, including;
  
  providing a name service reply that includes at least an answer to the name service query; and
  
  sending the name service reply to the one or more hardware DNS processors on the one or more name service computing devices, wherein second, third, and fourth processors are implemented as software processors to increase an amount of operations over time that are performed by the one or more name service computing devices; and
  
  send, by the software processors, a name service reply that includes at least an answer to the name service query to the one or more requesting computers;
  
  perform, by the hardware DNS processor on the one or more name service devices, operations to provide an index value for a software DNS processor lookup table;
  
  perform, by the hardware DNS processor on the one or more name service devices, operations to provide a program that is associated with the software DNS processor; and
  
  perform, by the hardware DNS processor on the one or more name service devices, operations based on instructions included in the program;
  
  perform, by the third processor on the one or more name service devices, operations to compare fingerprint information that is based on the at least name service reply with other finger information that is associated with the name service query;
  
  when the comparison provides an affirmative result, perform, by a fourth processor on the one or more name service devices, operations to authenticate the name service reply, wherein the fourth processor is implemented as a software processor; and
  
  when the name service query is unresolved by the operation performed by the second processor on the one or more name service devices, perform, by a fourth processor on the one or more name service devices, the further operations, including;
  
  perform, by the fourth processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service query;
  
  perform, by the fourth processor on the one or more name service devices, operations to modify the name service query to include the fingerprint information; and
  
  send, by the fourth processor on the one or more name service devices, the modified name service query to an external name service server.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The one or more name service computing devices set forth in claim 6, wherein one or more of the one or more hardware DNS processors, or the one or more processors are on the same name service computing device.
  - 8. The one or more name service computing devices set forth in claim 6, further comprising:
    - receive, by the one or more hardware DNS processors, the name service reply from one or more external name service servers; and
      
      perform operations to provide fingerprint information that is based on at least the name service reply.
  - 9. The one or more name service computing devices set forth in claim 6, further comprises:
    - perform, by the one or more hardware DNS processors on the one or more name service computing devices, operations to provide a memory address to a program in a memory of an associated processor; and
      
      perform, by the one or more hardware DNS processors on the one or more name service computing devices, direct memory access to access one or more instructions of the program.
  - 10. The one or more name service computing devices set forth in claim 6, further comprises, when one or more conditions are met, perform, by a software DNS processor on the one or more name service computing devices, operations to provide a new program to the hardware DNS processor.

11. A processor readable non-transitory storage media that includes instructions for managing name service communications, wherein execution of the instructions by one or more processors included in one or more name service devices perform actions comprising:
- receive, by a hardware domain name service (DNS) processor on the one or more name service devices, a name service query from one or more requesting computers;
  
  perform, by the hardware DNS processor on the one or more name service devices, one or more operations on the name service query;
  
  when, the name service query is unresolved by the one or more operations performed by the hardware DNS processor on the one or more name service devices, perform, by a second processor on the one or more name service devices, further operations, including;
  
  provide, by the second processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query; and
  
  send, by a third processor on the one or more name service devices, the name service reply to the hardware DNS processor on the one or more name service devices, wherein the second and third processors are implemented as software processors to increase an amount of operations over time that are performed by the one or more name service devices; and
  
  send, by the hardware DNS processor on the one or more name service devices, a name service reply that includes at least an answer to the name service query to the one or more requesting computersperform, by the hardware DNS processor on the one or more name service devices, operations to provide an index value for a software DNS processor lookup table;
  
  perform, by the hardware DNS processor on the one or more name service devices, operations to provide a program that is associated with the software DNS processor; and
  
  perform, by the hardware DNS processor on the one or more name service devices, operations based on instructions included in the program;
  
  perform, by the third processor on the one or more name service devices, operations to compare fingerprint information that is based on the at least name service reply with other finger information that is associated with the name service query;
  
  when the comparison provides an affirmative result, perform, by a fourth processor on the one or more name service devices, operations to authenticate the name service reply, wherein the fourth processor is implemented as a software processor; and
  
  when the name service query is unresolved by the operation performed by the second processor on the one or more name service devices, perform, by a fourth processor on the one or more name service devices, the further operations, including;
  
  perform, by the fourth processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service query;
  
  perform, by the fourth processor on the one or more name service devices, operations to modify the name service query to include the fingerprint information; and
  
  send, by the fourth processor on the one or more name service devices, the modified name service query to an external name service server, wherein the fourth processor is implemented as a software processor.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The media set forth in claim 11, wherein one or more of the hardware DNS processor, the second processor, or the third processor are on the same name service device.
  - 13. The media set forth in claim 11, further comprising:
    - receive, by the hardware DNS processor on the one or more name service devices, the name service reply from one or more external name service servers; and
      
      perform, by the second processor on the one or more name service devices, operations to provide fingerprint information that is based on at least the name service reply.
  - 14. The media set forth in claim 11, further comprises:
    - perform, by the hardware DNS processor on the one or more name service devices, operations to provide a memory address to a program in a memory of an associated processor; and
      
      perform, by the hardware DNS processor on the one or more name service devices, direct memory access to access one or more instructions of the program.
  - 15. The media set forth in claim 11, further comprises, when one or more conditions are met, perform, by a software DNS processor on the one or more name service devices, operations to provide a new program to the hardware DNS processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
F5 Networks, Inc. (F5 Incorporated)
Original Assignee
F5 Networks, Inc. (F5 Incorporated)
Inventors
Cai, Hao, Szabo, Paul Imre, Baker, Christopher Ryan, Golden, Lisa M., Kovalchik, Robert Andrew, Fridman, Amit, Mimms, Alan Brian, Druckmann, Itai
Primary Examiner(s)
Zarrineh, Shahriar

Application Number

US15/382,018
Publication Number

US 20170214677A1
Time in Patent Office

1,117 Days
Field of Search

726 4
US Class Current
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

H04L 61/106   across networks, e.g. mappi...

H04L 61/4511   using domain name system [DNS]

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/1458   Denial of Service

H04L 67/1097   for distributed storage of ...

H04L 67/34   involving the movement of s...

Methods of collaborative hardware and software DNS acceleration and DDOS protection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

50 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Methods of collaborative hardware and software DNS acceleration and DDOS protection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others