Method and system for handling computer network attacks
Abstract
A method and apparatus for serving content requests using global and local load balancing techniques is provided. Web site content is cached using two or more points of presence (POPs), wherein each POP has at least one DNS server. Each DNS server is associated with the same anycast IP address. A domain name resolution request is transmitted to the POP in closest network proximity for resolution based on the anycast IP address. Once the domain name resolution request is received at a particular POP, local load balancing techniques are performed to dynamically select the appropriate Web server at the POP for use in resolving the domain name resolution request. Approaches are described for handling bursts of traffic at a particular POP, security, and recovering from the failure of various components of the system.
27 Claims
1. (canceled)

2. A computer-implemented method for handling attacks, comprising:

at a domain name service (DNS) server, receiving a first request to resolve a hostname from a client;
with the DNS server, sending a first set of one or more IP addresses to the client in response to the first request, the first set of IP addresses being associated with one or more web servers;
determining that at least one IP address in the first set of IP addresses is under attack;
at the DNS server, and after the determination that the at least one IP address in the first set of IP addresses is under attack, receiving a second request to resolve the hostname from the same or another client;
with the DNS server, sending a second set of one or more IP addresses to the client that made the second request, the second set of IP addresses including at least one IP address that is different than any of the one or more IP addresses in the first set of IP addresses.

Dependent claims: 3, 4, 5, 6, 7, 8

9. A system for handling attacks, comprising:

one or more computers communicatively coupled to a computer network, each with circuitry forming one or more processors and memory storing instructions for execution by the one or more processors, the one or more computers including;
a domain name service (DNS) server that receives from a client a first request to resolve a hostname;
the DNS server sending a first set of one or more IP addresses to the client in response to the first request, the first set of IP addresses being associated with one or more web servers;
after a determination that the at least one IP address in the first set of IP addresses is under attack, the DNS server receiving a second request to resolve the hostname from the same or another client;
with the DNS server, sending a second set of one or more IP addresses to the client that made the second request, the second set of IP addresses including at least one IP address that is different than any of the one or more IP addresses in the first set of IP addresses.

Dependent claims: 10, 11, 12, 13, 14, 15

16. A non-transitory computer-readable storage medium storing program instructions, wherein execution of the program instructions by one or more processors causes:

at a domain name service (DNS) server, receiving from a client a first request to resolve a hostname;
with the DNS server, sending a first set of one or more IP addresses to the client in response to the first request, the first set of IP addresses being associated with one or more web servers;
determining that at least one IP address in the first set of IP addresses is under attack;
at the DNS server, and after the determination that the at least one IP address in the first set of IP addresses is under attack, receiving a second request to resolve the hostname from the same or another client;
with the DNS server, sending a second set of one or more IP addresses to the client that made the second request, the second set of IP addresses including at least one IP address that is different than any of the one or more IP addresses in the first set of IP addresses.

17. A computer-implemented method, comprising:

at a domain name service (DNS) server, receiving from a client a first request to resolve a hostname;
with the DNS server, sending a first set of one or more IP addresses to the client in response to the first request, the first set of IP addresses being associated with one or more web servers;
determining that at least one IP address in the first set of IP addresses is unavailable for servicing client requests;
at the DNS server, and after the determination that the at least one IP address in the first set of IP addresses has become unavailable for servicing client requests, receiving a second request to resolve the hostname from the same or another client;
with the DNS server, sending a second set of one or more IP addresses to the client that made the second request, the second set of IP addresses including at least one IP address that is different than any of the one or more IP addresses in the first set of IP addresses.

Dependent claims: 18, 19, 20, 21

22. A system, comprising:

one or more computers communicatively coupled to a computer network, each with circuitry forming one or more processors and memory storing instructions for execution by the one or more processors, the one or more computers including;
a domain name service (DNS) server that receives from a client a first request to resolve a hostname;
the DNS server sending a first set of one or more IP addresses to the client in response to the first request, the first set of IP addresses being associated with one or more web servers;
after a determination that the at least one IP address in the first set of IP addresses has become unavailable for servicing client requests, the DNS server receiving a second request to resolve the hostname from the same or another client;
with the DNS server, sending a second set of one or more IP addresses to the client that made the second request, the second set of IP addresses including at least one IP address that is different than any of the one or more IP addresses in the first set of IP addresses.

Dependent claims: 23, 24, 25, 26, 27

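The answer-set behaviour recited in claims 2 and 17 can be modelled in a few lines. The following is an added illustration, not code from the patent or its assignee; the class, method and function names are hypothetical, and the addresses are constructed from the RFC 5737 documentation ranges.

```python
# Added illustration; AnswerPool, withdraw and has_new_address are hypothetical names.
# All addresses are constructed samples from the RFC 5737 documentation ranges.

class AnswerPool:
    """Per-hostname address pool for a DNS server that steers answers away from
    addresses determined to be under attack (claim 2) or unavailable (claim 17)."""

    def __init__(self, active, standby, answer_size=2):
        self.active = list(active)    # addresses currently published in answers
        self.standby = list(standby)  # healthy spares not yet published
        self.withdrawn = {}           # ip -> reason recorded at determination time
        self.answer_size = answer_size

    def resolve(self):
        """Return the set of IPs sent in response to a resolution request."""
        return list(self.active[: self.answer_size])

    def withdraw(self, ip, reason):
        """Apply a determination: pull the IP and put a spare in its slot."""
        if ip not in self.active:
            return False
        idx = self.active.index(ip)
        self.withdrawn[ip] = reason
        if self.standby:
            self.active[idx] = self.standby.pop(0)
        else:
            del self.active[idx]      # no spare left: the answer set shrinks
        return True


def has_new_address(first, second):
    """True when the second set holds an IP absent from the first set."""
    return bool(set(second) - set(first))


def demo():
    pool = AnswerPool(active=["192.0.2.10", "192.0.2.11"],
                      standby=["198.51.100.20"])
    first = pool.resolve()                        # first request
    pool.withdraw("192.0.2.10", "under attack")   # determination
    second = pool.resolve()                       # second request
    pool.withdraw("192.0.2.11", "unavailable")    # spare pool now exhausted
    third = pool.resolve()
    return first, second, third


if __name__ == "__main__":
    for answer in demo():
        print(answer)
```

The last step in `demo()` shows the operational limit: once the standby pool is empty, a later answer can drop the affected address but cannot introduce a new one, so spare capacity has to exist before the determination is made.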
Specification