Split-Domain Name Service
Abstract
In one embodiment, a method includes receiving an address of a DNS server of a network. A secure communication tunnel is established with a client of the network. The client is notified that requests to the address of the DNS server of the network should not pass through the secure communication tunnel. A request for a DNS lookup of a name of a host of the network is received through the secure communication tunnel. A DNS referral that includes the address of the DNS server of the network is sent to the client.
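The exchange the abstract describes, as a small simulation. This is an added example, not code from the patent. The class names, zone data, addresses, and the suffix match used to decide whether a host is on the client's network are assumptions. So is the client-side check that rejects referrals to addresses outside the tunnel exclusions.

```python
import ipaddress

# Constructed sample data; all names and addresses are illustrative.
LOCAL_DNS_ADDR = "192.168.1.53"   # DNS server of the client's own network
LOCAL_ZONE = {"printer.home.example": "192.168.1.20"}
CORP_ZONE = {"wiki.corp.example": "10.20.0.15"}

class CorpDns:
    """DNS server behind the tunnel; it has learned the local DNS address."""
    def __init__(self, local_dns_addr, local_suffix):
        self.local_dns_addr = local_dns_addr
        self.local_suffix = local_suffix  # assumption: membership by suffix

    def lookup(self, name):
        # Host is on the client's network: refer instead of answering.
        if name.endswith(self.local_suffix):
            return ("referral", self.local_dns_addr)
        if name in CORP_ZONE:
            return ("answer", CORP_ZONE[name])
        return ("nxdomain", None)

class Client:
    def __init__(self, corp_dns, tunnel_exclusions):
        self.corp_dns = corp_dns
        # Prefixes the gateway said must NOT be sent through the tunnel.
        self.exclusions = [ipaddress.ip_network(p) for p in tunnel_exclusions]

    def bypasses_tunnel(self, addr):
        ip = ipaddress.ip_address(addr)
        return any(ip in net for net in self.exclusions)

    def resolve(self, name):
        """Return (address, path) where path says how the name was resolved."""
        kind, value = self.corp_dns.lookup(name)  # sent through the tunnel
        if kind == "answer":
            return value, "tunnel"
        if kind == "referral":
            # Added check: follow the referral only if it points at an
            # excluded address; otherwise the follow-up query would be
            # routed into the tunnel and never reach the local DNS server.
            if not self.bypasses_tunnel(value):
                return None, "referral-rejected"
            if value == LOCAL_DNS_ADDR:  # direct query to the local DNS server
                return LOCAL_ZONE.get(name), "direct"
        return None, "unresolved"
```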
22 Claims
1. A method comprising performing the following by a domain name service (DNS) server of a first network:
- receiving a network address of a DNS server of a second network, the second network coupled to the first network through a first gateway between the second network and a third network and a second gateway between the third network and the first network;
- receiving a request from a client of the second network for a DNS lookup of a name of a host;
- determining whether the host is on the second network; and
- if the host is on the second network, sending a DNS referral to the client that includes the network address of the DNS server of the second network, the DNS server of the second network being operable to provide the network address of the host of the second network to the client in response to a DNS lookup request of the name of the host from the client.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system comprising:
a DNS server of a first network, the DNS server of the first network operable to:
- receive a network address of a DNS server of a second network, the second network coupled to the first network through a first gateway between the second network and a third network and a second gateway between the third network and the first network;
- receive a request from a client of the second network for a DNS lookup of a name of a host;
- determine whether the host is on the second network; and
- if the host is on the second network, send a DNS referral to the client that includes the network address of the DNS server of the second network, the DNS server of the second network being operable to provide the network address of the host of the second network to the client in response to a DNS lookup request of the name of the host from the client.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. A method comprising:
- establishing, by a client of a first network, a secure communication tunnel with a first gateway of a second network, the first gateway of the second network coupled to the first network through a third network and a second gateway of the first network;
- receiving, from the first gateway of the second network, an indication that communication with a particular network prefix or particular network address should not be sent through the secure communication tunnel, the particular network prefix covering or particular network address being a network address of a Domain Name Service (DNS) server of the first network;
- sending a request through the secure communication tunnel to a DNS server of the second network for a DNS lookup of a name of a host of the first network;
- receiving, from the DNS server of the second network, a DNS referral that includes the network address of a DNS server of the first network;
- sending the request for the DNS lookup of the name of the host of the first network to the network address of the DNS server of the first network; and
- receiving, from the DNS server of the first network, a network address of the host of the first network.
Dependent claims: 18, 19, 20, 21
22. One or more computer-readable non-transitory storage media embodying logic that is operable when executed by a client of a first network to:
- establish a secure communication tunnel with a first gateway of a second network, the first gateway of the second network coupled to the first network through a third network and a second gateway of the first network;
- receive, from the first gateway of the second network, an indication that communication with a particular network prefix or particular network address should not be sent through the secure communication tunnel, the particular network prefix covering or particular network address being a network address of a Domain Name Service (DNS) server of the first network;
- send a request through the secure communication tunnel to a DNS server of the second network for a DNS lookup of a name of a host of the first network;
- receive, from the DNS server of the second network, a DNS referral that includes the network address of the DNS server of the first network;
- send the request for the DNS lookup of the name of the host of the first network to the network address of the DNS server of the first network; and
- receive, from the DNS server of the first network, a network address of the host of the first network.
Specification