APPLICATION SERVICES BASED ON DYNAMIC SPLIT TUNNELING
First Claim
1. Logic encoded in a tangible, non-transitory computer readable medium for execution by a processor, and when executed operable to:
- obtain data representative of a service fully qualified domain name (FQDN) associated with a first network associated with a first tunnel;
- route traffic directed to the FQDN onto the first tunnel; and
- route traffic not directed to the FQDN elsewhere.
Abstract
An example embodiment provides a method of dynamically tunneling specific, or per-application, services on demand without having to build complex split tunneling policies on Virtual Private Network (VPN) terminators. In particular embodiments, the method can allow for tunneling to multiple data centers on devices with limited, e.g., single, concentrator capabilities.
21 Claims
11. An apparatus, comprising:
- an interface;
- a virtual private network (VPN) client coupled with the interface;
- the VPN client selectively routes Domain Name System (DNS) request for sub-domains associated with a first network through a tunnel associated with the first network via the interface;
- the VPN client selectively routes DNS request for sub-domains associated with a second network through a tunnel associated with the second network via the interface;
- the VPN client replaces the destination address for DNS requests for sub-domains associated with the second network to match an address of a DNS server associated with the second network; and
- the VPN client stores data representative of DNS requests for sub-domains associated with the second network;
- the VPN client forwards the DNS requests for sub-domains associated with the second network with the address of the DNS server associated with the second network.
19. A computer implemented method, comprising:
- selectively routing Domain Name System (DNS) request for sub-domains associated with a first network through a tunnel associated with the first network;
- selectively routing DNS request for sub-domains associated with a second network through a tunnel associated with the second network;
- associating service Internet Protocol (IP) addresses for sub-domains associated with the first and second networks to dummy service IP addresses;
- replacing the service IP addresses in DNS responses for sub-domains associated with the first and second networks with dummy service IP addresses; and
- forwarding the DNS responses with the dummy service IP addresses.
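The steps of claims 11 and 19 can be modelled in a few lines. The sketch below is an added example, not code from the patent: the class and method names, the `.example` domains, the DNS server addresses and the 198.18.0.0/24 dummy pool are all assumptions. It matches sub-domains on whole DNS labels, so a look-alike name such as `notcorp-a.example` is not routed into the tunnel, and it gives the same real service IP a distinct dummy IP per tunnel.

```python
import ipaddress

class SplitTunnelRouter:
    """Added model of per-FQDN split tunneling; all names are hypothetical."""

    def __init__(self, networks, dummy_pool="198.18.0.0/24"):
        # networks: {domain suffix: (tunnel name, DNS server of that network)}
        self.networks = {s.lower().rstrip("."): v for s, v in networks.items()}
        self._pool = iter(ipaddress.ip_network(dummy_pool).hosts())  # constructed pool
        self.by_dummy = {}  # dummy IP -> (tunnel, real service IP)
        self.by_real = {}   # (tunnel, real service IP) -> dummy IP

    def match(self, fqdn):
        """Longest-suffix match on whole DNS labels; None means no tunnel."""
        labels = fqdn.lower().rstrip(".").split(".")
        for i in range(len(labels)):
            hit = self.networks.get(".".join(labels[i:]))
            if hit:
                return hit
        return None

    def route_query(self, fqdn, original_dns):
        """Return (tunnel, DNS server) for a DNS request."""
        return self.match(fqdn) or ("default", original_dns)

    def rewrite_response(self, fqdn, real_ip):
        """Swap the service IP in a DNS answer for a stable dummy IP."""
        hit = self.match(fqdn)
        if hit is None:
            return real_ip  # not a tunneled name: answer passes unchanged
        key = (hit[0], real_ip)
        if key not in self.by_real:
            dummy = str(next(self._pool))
            self.by_real[key], self.by_dummy[dummy] = dummy, key
        return self.by_real[key]

    def route_packet(self, dst_ip):
        """Map a dummy destination back to (tunnel, real IP)."""
        return self.by_dummy.get(dst_ip, ("default", dst_ip))

if __name__ == "__main__":
    # Constructed sample networks and addresses.
    r = SplitTunnelRouter({"corp-a.example": ("tunnel-a", "10.1.0.53"),
                           "corp-b.example": ("tunnel-b", "10.2.0.53")})
    print(r.route_query("wiki.corp-a.example", "192.0.2.53"))
    print(r.rewrite_response("wiki.corp-a.example", "10.0.0.5"))
    print(r.rewrite_response("mail.corp-b.example", "10.0.0.5"))
    print(r.route_packet("198.18.0.1"))
```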
Specification