SYSTEM AND METHOD FOR INSPECTING DOMAIN NAME SYSTEM FLOWS IN A NETWORK ENVIRONMENT
Abstract
A method is provided in one example and includes maintaining a correlation between a domain name and a plurality of Internet protocol (IP) addresses included in a domain name system (“DNS”) response to a DNS request in connection with DNS exchange between a subscriber and a DNS server, wherein each of the IP addresses corresponds to one of a plurality of web servers associated with the domain name; receiving from the subscriber a packet associated with a flow; identifying an IP address within the packet as being one of the plurality of IP addresses included in the DNS response; and executing a policy decision for the subsequent flow without inspecting the contents of the subsequent flow at layer 7 based on an identity of the subscriber and the domain name correlated to the identified IP address, wherein the policy decision comprises charging a different rate for a particular flow.
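The correlation and policy steps described in the abstract, sketched as an added example that is not taken from the patent or from any product. The `FlowClassifier` name, the rate labels, the per-subscriber keying, and expiring entries at the DNS TTL are assumptions made for illustration, and the DNS response bytes are constructed.

```python
import ipaddress, struct

# Constructed DNS response: video.example.com -> 198.51.100.1, 198.51.100.2 (TTL 60)
SAMPLE = bytes.fromhex("123481800001000200000000"
                       "05766964656f076578616d706c6503636f6d0000010001"
                       "c00c000100010000003c0004c6336401c00c000100010000003c0004c6336402")

def read_name(msg, off):
    """Decode the name at off, following compression pointers; return (name, next_off)."""
    labels, end = [], None
    for _ in range(128):                          # bound pointer chains on malformed input
        n = msg[off]
        if n == 0:
            return ".".join(labels).lower(), end or off + 1
        if n & 0xC0 == 0xC0:                      # pointer: jump, remember where to resume
            end = end or off + 2
            off = ((n & 0x3F) << 8) | msg[off + 1]
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n
    raise ValueError("name too long or pointer loop")

def a_records(msg):
    """Return (qname, [(ip, ttl), ...]) from the answer section of a response."""
    _, flags, qd, an = struct.unpack_from("!HHHH", msg)
    if not flags & 0x8000 or qd != 1:
        raise ValueError("not a single-question DNS response")
    qname, off = read_name(msg, 12)
    off, out = off + 4, []                        # skip QTYPE and QCLASS
    for _ in range(an):
        _, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        if rtype == 1 and rdlen == 4:             # A record
            out.append((str(ipaddress.IPv4Address(msg[off + 10:off + 14])), ttl))
        off += 10 + rdlen
    return qname, out

class FlowClassifier:  # hypothetical name; stands in for the correlation table
    def __init__(self, rates, default="standard"):
        self.rates, self.default, self.table = rates, default, {}
    def on_dns_response(self, subscriber, msg, now):
        qname, recs = a_records(msg)
        for ip, ttl in recs:                      # one entry per address in the response
            self.table[(subscriber, ip)] = (qname, now + ttl)
    def on_packet(self, subscriber, dst_ip, now):
        """Pick a rate from the destination IP alone; no layer-7 inspection."""
        name, expires = self.table.get((subscriber, dst_ip), (None, 0))
        if name is None or now >= expires:
            return None, self.default
        return name, self.rates.get(name, self.default)
```

In this sketch an address that appears in responses for several names is attributed to the most recently observed name, so shared hosting and CDN addresses limit how precise the IP-only decision can be.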
20 Claims
1. A method, comprising:
- maintaining a correlation between a domain name and a plurality of Internet protocol (IP) addresses included in a domain name system (“DNS”) response to a DNS request in connection with DNS exchange between a subscriber and a DNS server, wherein each of the IP addresses corresponds to one of a plurality of web servers associated with the domain name;
- receiving from the subscriber a packet associated with a flow;
- identifying an IP address within the packet as being one of the plurality of IP addresses included in the DNS response; and
- executing a policy decision for the subsequent flow without inspecting the contents of the subsequent flow at layer 7 based on the domain name correlated to the identified IP address, wherein the policy decision comprises charging a different rate for a particular flow.

Dependent claims: 2, 3, 4, 5, 6, 7
8. One or more non-transitory tangible media that includes code for execution and when executed by a processor operable to perform operations comprising:
- maintaining a correlation between a domain name and a plurality of Internet protocol (IP) addresses included in a domain name system (“DNS”) response to a DNS request in connection with DNS exchange between a subscriber and a DNS server, wherein each of the IP addresses corresponds to one of a plurality of web servers associated with the domain name;
- receiving from the subscriber a packet associated with a flow;
- identifying an IP address within the packet as being one of the plurality of IP addresses included in the DNS response; and
- executing a policy decision for the subsequent flow without inspecting the contents of the subsequent flow at layer 7 based on the domain name correlated to the identified IP address, wherein the policy decision comprises charging a different rate for a particular flow.

Dependent claims: 9, 10, 11, 12, 13
14. An apparatus, comprising:
- a memory element configured to store data,
- a processor operable to execute instructions associated with the data, and
- an awareness module configured to:
  - maintain a correlation between a domain name and a plurality of Internet protocol (IP) addresses included in a domain name system (“DNS”) response to a DNS request in connection with DNS exchange between a subscriber and a DNS server, wherein each of the IP addresses corresponds to one of a plurality of web servers associated with the domain name;
  - receive from the subscriber a packet associated with a flow;
  - identify an IP address within the packet as being one of the plurality of IP addresses included in the DNS response; and
  - execute a policy decision for the subsequent flow without inspecting the contents of the subsequent flow at layer 7 based on the domain name correlated to the identified IP address, wherein the policy decision comprises charging a different rate for a particular flow.

Dependent claims: 15, 16, 17, 18, 19, 20
Specification