Source-dependent address resolution

US 10,645,056 B2
Filed: 02/08/2019
Issued: 05/05/2020
Est. Priority Date: 12/19/2012
Status: Active Grant

First Claim

Patent Images

1. A system for facilitating source-dependent address resolution comprising:

one or more host computing devices hosting a set of virtual computing devices in communication via a virtual network, wherein the virtual network provides an internal addressing scheme enabling communication between individual virtual computing devices of the set of virtual computing devices within the virtual network and an external addressing scheme enabling external communications to enter the virtual network, and wherein the one or more host computing devices are configured to enable communications within the virtual network by encapsulating data packets generated by the individual virtual computing devices and transmitting the encapsulated data packets over a physical substrate network; and

a source-dependent domain name system (DNS) server in communication with the virtual network over the physical substrate network, the source-dependent DNS server configured to;

receive data packet from a host computing device of the one or more host computing devices via the physical substrate network, wherein the data packet represents a DNS request to resolve an identifier of a target virtual computing device, and wherein the data packet identifies the host computing device on the physical substrate network as a source of the data packet;

identify, from the data packet, a virtual computing device hosted by the host computing device as a source virtual computing device that originated the DNS request;

select, based on the source virtual computing device that originated the DNS request and independent of the host computing device identified in the data packet as the source of the data packet, at least one of an internal address of the target virtual computing device formatted according to the internal addressing scheme or an external address of the target virtual computing device formatted according to the external addressing scheme to utilize as an address responsive to the DNS request, wherein the internal address of the target virtual computing device is selected when the source virtual computing device and the target virtual computing device are both within the virtual network, and wherein the external address of the target virtual computing device is selected when the virtual computing device and the target virtual computing device are not both within the virtual network; and

transmit the address responsive to the DNS request to the source virtual computing device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and method are provided for source-dependent address resolution. Multiple computing devices may be associated with identifiers, such as network names. These computing devices may further be associated with both internally and externally accessible network addresses. A source-dependent address resolution component may resolve a network identifier into an internal or external address based on a network of a requesting device. Specifically, a request for address resolution may be received from a source network, and be resolvable into an address of a target network. If the source network and target network are the same, an internal address of that shared network is returned. If the source network and the target network are different, an external address enabling external communication with the target network is returned. In some embodiments, determination of a source network may be facilitated based on a source port of a request.

Citations

20 Claims

1. A system for facilitating source-dependent address resolution comprising:
- one or more host computing devices hosting a set of virtual computing devices in communication via a virtual network, wherein the virtual network provides an internal addressing scheme enabling communication between individual virtual computing devices of the set of virtual computing devices within the virtual network and an external addressing scheme enabling external communications to enter the virtual network, and wherein the one or more host computing devices are configured to enable communications within the virtual network by encapsulating data packets generated by the individual virtual computing devices and transmitting the encapsulated data packets over a physical substrate network; and
  
  a source-dependent domain name system (DNS) server in communication with the virtual network over the physical substrate network, the source-dependent DNS server configured to;
  
  receive data packet from a host computing device of the one or more host computing devices via the physical substrate network, wherein the data packet represents a DNS request to resolve an identifier of a target virtual computing device, and wherein the data packet identifies the host computing device on the physical substrate network as a source of the data packet;
  
  identify, from the data packet, a virtual computing device hosted by the host computing device as a source virtual computing device that originated the DNS request;
  
  select, based on the source virtual computing device that originated the DNS request and independent of the host computing device identified in the data packet as the source of the data packet, at least one of an internal address of the target virtual computing device formatted according to the internal addressing scheme or an external address of the target virtual computing device formatted according to the external addressing scheme to utilize as an address responsive to the DNS request, wherein the internal address of the target virtual computing device is selected when the source virtual computing device and the target virtual computing device are both within the virtual network, and wherein the external address of the target virtual computing device is selected when the virtual computing device and the target virtual computing device are not both within the virtual network; and
  
  transmit the address responsive to the DNS request to the source virtual computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein to identify the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request, the source-dependent DNS server is configured to:
    - decapsulate the data packet to result in a decapsulated data packet; and
      
      identify the source virtual computing device from a source address of the decapsulated data packet.
  - 3. The system of claim 1, wherein to identify the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request, the source-dependent DNS server is configured to attribute the data packet to the source virtual computing device based at least partly on a source port of the hosted computing device from which the data packet was transmitted.
  - 4. The system of claim 3, wherein the source-dependent DNS server is configured to identify the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request without decapsulating the data packet.
  - 5. The system of claim 3, wherein to attribute the data packet to the source virtual computing device based at least partly on the source port of the hosted computing device from which the data packet was transmitted, the source-dependent DNS server is configured to obtain information mapping the source port of the hosted computing device to the source virtual computing device.
  - 6. The system of claim 1, wherein the one or more host computing devices further host a second set of virtual computing devices in communication via a second virtual network, and wherein the source virtual computing device is included within the second virtual network.
  - 7. The system of claim 1 wherein the identifier of the target virtual computing device is a network name of the target computing device.

8. A computer-implemented method for facilitating source-dependent address resolution by a set of virtual computing devices in communication via a virtual network, the virtual network providing an internal addressing scheme enabling communication between individual virtual computing devices of the set of virtual computing devices within the virtual network and an external addressing scheme enabling external communications to enter the virtual network, the set of virtual computing devices being hosted by one or more host computing devices configured to enable communications within the virtual network by encapsulating data packets generated by the individual virtual computing devices and transmitting the encapsulated data packets over a physical substrate network, the computer-implemented method comprising:
- receiving a data packet from a host computing device of the one or more host computing devices via the physical substrate network, wherein the data packet represents a domain name system (DNS) request to resolve an identifier of a target virtual computing device, and wherein the data packet identifies the host computing device on the physical substrate network as a source of the data packet;
  
  identifying, from the data packet, a virtual computing device hosted by the host computing device as a source virtual computing device that originated the DNS request;
  
  selecting, based on the source virtual computing device that originated the DNS request and independent of the host computing device identified in the data packet as the source of the data packet, at least one of an internal address of the target virtual computing device formatted according to the internal addressing scheme or an external address of the target virtual computing device formatted according to the external addressing scheme to utilize as an address responsive to the DNS request, wherein the internal address of the target virtual computing device is selected when the source virtual computing device and the target virtual computing device are both within the virtual network, and wherein the external address of the target virtual computing device is selected when the source virtual computing device and the target virtual computing device are not both within the virtual network; and
  
  transmitting the address responsive to the DNS request to the source virtual computing device that generated the DNS request.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-implemented method of claim 8, wherein identifying the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request comprises:
    - decapsulating the data packet to result in a decapsulated data packet; and
      
      identifying the source virtual computing device from a source address of the decapsulated data packet.
  - 10. The computer-implemented method of claim 8, wherein identifying the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request comprises attributing the data packet to the source virtual computing device based at least partly on a source port of the hosted computing device from which the data packet was transmitted.
  - 11. The computer-implemented method of claim 10, wherein identifying the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request comprises identifying the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request without decapsulating the data packet.
  - 12. The computer-implemented method of claim 10, wherein attributing the data packet to the source virtual computing device based at least partly on the source port of the hosted computing device from which the data packet was transmitted comprises obtaining information mapping the source port of the hosted computing device to the source virtual computing device.
  - 13. The computer-implemented method of claim 8, wherein the one or more host computing devices further host a second set of virtual computing devices in communication via a second virtual network, and wherein the source virtual computing device is included within the second virtual network.
  - 14. The computer-implemented method of claim 8, wherein the address responsive to the DNS request is an Internet Protocol (IP) address.

15. Non-transitory computer-readable media comprising computer-executable instructions for facilitating source-dependent address resolution by a set of virtual computing devices in communication via a virtual network, the virtual network providing an internal addressing scheme enabling communication between individual virtual computing devices of the set of virtual computing devices within the virtual network and an external addressing scheme enabling external communications to enter the virtual network, the set of virtual computing devices being hosted by one or more host computing devices configured to enable communications within the virtual network by encapsulating data packets generated by the individual virtual computing devices and transmitting the encapsulated data packets over a physical substrate network, wherein the instructions, when executed by a computing system, cause the computing system to:
- receive a data packet from a host computing device of the one or more host computing devices via the physical substrate network, wherein the data packet represents a domain name system (DNS) request to resolve an identifier of a target virtual computing device, and wherein the data packet identifies the host computing device on the physical substrate network as a source of the data packet;
  
  identify, from the data packet, a virtual computing device hosted by the host computing device as a source virtual computing device that originated the DNS request;
  
  select, based on the source virtual computing device that originated the DNS request and independent of the host computing device identified in the data packet as the source of the data packet, at least one of an internal address of the target virtual computing device formatted according to the internal addressing scheme or an external address of the target virtual computing device formatted according to the external addressing scheme to utilize as an address responsive to the DNS request, wherein the internal address of the target virtual computing device is selected when the source virtual computing device and the target virtual computing device are both within the virtual network, and wherein the external address of the target virtual computing device is selected when the source virtual computing device and the target virtual computing device are not both within the virtual network; and
  
  transmit the address responsive to the DNS request to the source virtual computing device that generated the DNS request.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable media of claim 15, wherein to identify the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request, the instructions cause the computing system to:
    - decapsulate the data packet to result in a decapsulated data packet; and
      
      identify the source virtual computing device from a source address of the decapsulated data packet.
  - 17. The non-transitory computer-readable media of claim 15, wherein to identify the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request, the instructions cause the computing system to attribute the data packet to the source virtual computing device based at least partly on a source port of the hosted computing device from which the data packet was transmitted.
  - 18. The non-transitory computer-readable media of claim 17, wherein the instructions cause the computing system to identify the virtual computing device hosted by the host computing device as the source virtual computing device that originated the DNS request without decapsulating the data packet.
  - 19. The non-transitory computer-readable media of claim 17, wherein to attribute the data packet to the source virtual computing device based at least partly on the source port of the hosted computing device from which the data packet was transmitted, the instructions cause the computing system to obtain information mapping the source port of the hosted computing device to the source virtual computing device.
  - 20. The non-transitory computer-readable media of claim 15, wherein the one or more host computing devices further host a second set of virtual computing devices in communication via a second virtual network, and wherein the source virtual computing device is included within the second virtual network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Petersen, Kirk Arlo, Jayamohan, Ajith, Chatterjee, Preetha
Primary Examiner(s)
Chea, Philip J
Assistant Examiner(s)
Ma, Wing

Application Number

US16/271,211
Publication Number

US 20190319914A1
Time in Patent Office

452 Days
Field of Search

709245
US Class Current
CPC Class Codes

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 61/103   across network layers, e.g....

H04L 61/4511   using domain name system [DNS]

H04L 61/5038   for local use, e.g. in LAN ...

Source-dependent address resolution

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Source-dependent address resolution

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links