Stateful IPv4-IPv6 DNS application level gateway for handling topologies with coexisting IPv4-only, Ipv6-only and dual-stack devices

US 7,526,562 B1
Filed: 04/11/2003
Issued: 04/28/2009
Est. Priority Date: 04/11/2003
Status: Active Grant

First Claim

Patent Images

1. A method for handling domain name system (DNS) packets, comprising:

receiving a current DNS response corresponding to a first DNS query that was earlier received and sent by a DNS client or a second DNS query that is a translation of the first DNS query, the current DNS response having a first IPv4 or IPv6 protocol;

if the current DNS response does not require translation and does not have a null answer, forwarding the current DNS response to the DNS client;

if the current DNS response requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is not received before expiration of a predetermined time period; and

if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is received after receiving the current DNS response before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are methods and apparatus for efficiently and reliably handling DNS (domain name service) queries and responses. In general terms, mechanisms are provided for forwarding only one DNS response to a DNS client when two DNS responses having different protocols (IPv4 or IPv6) may be received, e.g., within a DNS handling device for a particular DNS query. The DNS handling device determines whether to forward or hold a first received DNS response based on a number of criteria. The DNS handling device also determines whether to forward a first or second received response to the DNS client when a first and second response for a particular query is received. In certain cases, a first received DNS response for a particular DNS query may be held until a second better response is received or a timer expires.

90 Citations

View as Search Results

25 Claims

1. A method for handling domain name system (DNS) packets, comprising:
- receiving a current DNS response corresponding to a first DNS query that was earlier received and sent by a DNS client or a second DNS query that is a translation of the first DNS query, the current DNS response having a first IPv4 or IPv6 protocol;
  
  if the current DNS response does not require translation and does not have a null answer, forwarding the current DNS response to the DNS client;
  
  if the current DNS response requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is not received before expiration of a predetermined time period; and
  
  if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is received after receiving the current DNS response before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as recited in claim 1, wherein the first DNS query has an IPv4 or an IPv6 first protocol, the method further comprising:
    - when the first protocol of the first DNS query is IPv4, translating the first DNS query into a second DNS query having a second protocol that is IPv6 and forwarding the first DNS query having the IPv4 first protocol to an IPv4 DNS server and the second DNS query having the IPv6 protocol to an IPv6 DNS server; and
      
      when the first protocol of the first DNS query is IPv6, translating the first DNS query into a second DNS query having a second protocol that is IPv4 and forwarding the first DNS query having the IPv6 first protocol to an IPv6 DNS server and the second DNS query having the IPv4 protocol to an IPv4 DNS server.
  - 3. A method as recited in claim 2, further comprising:
    - storing an entry within a connection table for the first DNS query, wherein the entry for the first DNS query includes an identifier for the first DNS query and a field for holding the first received response,when the current DNS response is received, determining whether the entry for the first DNS query is still present based on an identifier of the current DNS response matching the identifier of the entry; and
      
      dropping the current DNS response when the entry for the first DNS query is not present.
  - 4. A method as recited in claim 3, wherein the identifier of the entry includes an IP source address, DNS query identifier, and source port value from the first DNS query and the identifier of the current response includes an IP destination address, DNS response identifier, and destination port of the current DNS response.
  - 5. A method as recited in claim 4, wherein the current DNS response requires translation when its first protocol differs from a protocol of the IP source address of the connection table entry for the first DNS query.
  - 6. A method as recited in claim 4, wherein the connection table entry for the first DNS query also includes a timer that is initiated upon creation of the entry, and wherein expiration of the predetermined time period is an expiration of the timer of the connection table entry.
  - 7. A method as recited in claim 4, further comprising flushing the connection table entry when the current or subsequent DNS response is forwarded to the DNS client or the predetermined time period expires.
  - 8. A method as recited in claim 1, further comprising:
    - if the current DNS response has a null answer and requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which corresponds to the first DNS query, is not received before expiration of the predetermined time period; and
      
      if the current DNS response has a null answer and a subsequent DNS response, which has a null answer and corresponds to the first DNS query, is received before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.

9. A computer system operable to handle domain name system (DNS) packets, the computer system comprising:
- one or more processors;
  
  one or more memory, wherein at least one of the processors and memory are configured for;
  
  receiving a current DNS response corresponding to a first DNS query that was earlier received and sent by a DNS client or a second DNS query that is a translation of the first DNS query, the current DNS response having a first IPv4 or IPv6 protocol;
  
  if the current DNS response does not require translation and does not have a null answer, forwarding the current DNS response to the DNS client;
  
  if the current DNS response requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is not received before expiration of a predetermined time period; and
  
  if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is received after receiving the current DNS response before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. A computer system as recited in claim 9, wherein the first DNS query has an IPv4 or an IPv6 first protocol, wherein the at least one of the processors and memory are further configured for:
    - when the first protocol of the first DNS query is IPv4, translating the first DNS query into a second DNS query having a second protocol that is IPv6 and forwarding the first DNS query having the IPv4 first protocol to an IPv4 DNS server and the second DNS query having the IPv6 protocol to an IPv6 DNS server; and
      
      when the first protocol of the first DNS query is IPv6, translating the first DNS query into a second DNS query having a second protocol that is IPv4 and forwarding the first DNS query having the IPv6 first protocol to an IPv6 DNS server and the second DNS query having the IPv4 protocol to an IPv4 DNS server.
  - 11. A computer system as recited in claim 9, wherein the at least one of the processors and memory are further configured for:
    - if the current DNS response has a null answer and requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which corresponds to the first DNS query, is not received before expiration of the predetermined time period; and
      
      if the current DNS response has a null answer and a subsequent DNS response, which has a null answer and corresponds to the first DNS query, is received before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.
  - 12. A computer system as recited in claim 9, wherein the at least one of the processors and memory are further configured for:
    - storing an entry within a connection table for the first DNS query, wherein the entry for the first DNS query includes an identifier for the first DNS query and a field for holding the first received response,when the current DNS response is received, determining whether the entry for the first DNS query is still present based on an identifier of the current DNS response matching the identifier of the entry; and
      
      dropping the current DNS response when the entry for the first DNS query is not present.
  - 13. A computer system as recited in claim 12, wherein the identifier of the entry includes an IP source address, DNS query identifier, and source port value from the first DNS query and the identifier of the current response includes an IP destination address, DNS response identifier, and destination port of the current DNS response.
  - 14. A computer system as recited in claim 13, wherein the current DNS response requires translation when its first protocol differs from a protocol of the IP source address of the connection table entry for the first DNS query.
  - 15. A computer system as recited in claim 13, wherein the connection table entry for the first DNS query also includes a timer that is initiated upon creation of the entry, and wherein expiration of the predetermined time period is an expiration of the timer of the connection table entry.
  - 16. A computer system as recited in claim 13, wherein at least one of the processors and memory are further adapted for flushing the connection table entry when the current or subsequent DNS response is forwarded to the DNS client or the predetermined time period expires.

17. A computer program product for handling domain name system (DNS) packets, the computer program product comprising:
- at least one computer readable medium;
  
  computer program instructions stored within the at least one computer readable product configured for;
  
  receiving a current DNS response corresponding to a first DNS query that was earlier received and sent by a DNS client or a second DNS query that is a translation of the first DNS query, the current DNS response having a first IPv4 or IPv6 protocol;
  
  if the current DNS response does not require translation and does not have a null answer, forwarding the current DNS response to the DNS client;
  
  if the current DNS response requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is not received before expiration of a predetermined time period; and
  
  if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is received after receiving the current DNS response before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. A computer program product as recited in claim 17, wherein the first DNS query has an IPv4 or an IPv6 first protocol, and wherein the computer program instructions stored within the at least one computer readable product are further configured for:
    - when the first protocol of the first DNS query is IPv4, translating the first DNS query into a second DNS query having a second protocol that is IPv6 and forwarding the first DNS query having the IPv4 first protocol to an IPv4 DNS server and the second DNS query having the IPv6 protocol to an IPv6 DNS server; and
      
      when the first protocol of the first DNS query is IPv6, translating the first DNS query into a second DNS query having a second protocol that is IPv4 and forwarding the first DNS query having the IPv6 first protocol to an IPv6 DNS server and the second DNS query having the IPv4 protocol to an IPv4 DNS server.
  - 19. A computer program product as recited in claim 18, wherein the computer program instructions stored within the at least one computer readable product are further configured for:
    - storing an entry within a connection table for the first DNS query, wherein the entry for the first DNS query includes an identifier for the first DNS query and a field for holding the first received response,when the current DNS response is received, determining whether the entry for the first DNS query is still present based on an identifier of the current DNS response matching the identifier of the entry; and
      
      dropping the current DNS response when the entry for the first DNS query is not present.
  - 20. A computer program product as recited in claim 19, wherein the identifier of the entry includes an IP source address, DNS query identifier, and source port value from the first DNS query and the identifier of the current response includes an IP destination address, DNS response identifier, and destination port of the current DNS response.
  - 21. A computer program product as recited in claim 20, wherein the current DNS response requires translation when its first protocol differs from a protocol of the IP source address of the connection table entry for the first DNS query.
  - 22. A computer program product as recited in claim 20, wherein the connection table entry for the first DNS query also includes a timer that is initiated upon creation of the entry, and wherein expiration of the predetermined time period is an expiration of the timer of the connection table entry.
  - 23. A computer program product as recited in claim 20, wherein the computer program instructions stored within the at least one computer readable product further configured for flushing the connection table entry when the current or subsequent DNS response is forwarded to the DNS client or the predetermined time period expires.
  - 24. A computer program product as recited in claim 17, wherein the computer program instructions stored within the at least one computer readable product are further configured for:
    - if the current DNS response has a null answer and requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which corresponds to the first DNS query, is not received before expiration of the predetermined time period; and
      
      if the current DNS response has a null answer and a subsequent DNS response, which has a null answer and corresponds to the first DNS query, is received before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.

25. An apparatus for handling domain name system (DNS) packets, comprising:
- means for receiving a current DNS response corresponding to a first DNS query that was earlier received and sent by a DNS client or a second DNS query that is a translation of the first DNS query, the current DNS response having a first IPv4 or IPv6 protocol;
  
  means for if the current DNS response does not require translation and does not have a null answer, forwarding the current DNS response to the DNS client;
  
  means for if the current DNS response requires translation, forwarding a translation of the current DNS response to the DNS client only if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is not received before expiration of a predetermined time period; and
  
  means for if a subsequent DNS response, which does not have a null answer and corresponds to the first DNS query, is received after receiving the current DNS response before expiration of the predetermined time period, forwarding the subsequent DNS response to the DNS client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Samprathi, Ravikanth V., Moon, Bruce D.
Primary Examiner(s)
Etienne; Ario
Assistant Examiner(s)
GOLD, AVI M

Application Number

US10/411,698
Time in Patent Office

2,209 Days
Field of Search

709/230, 709/245, 370/466
US Class Current

709/230
CPC Class Codes

H04L 2101/659   Internet protocol version 6...

H04L 61/251   between different IP versions

H04L 61/4511   using domain name system [DNS]

H04L 69/16   Implementation or adaptatio...

H04L 69/167   Adaptation for transition b...

Stateful IPv4-IPv6 DNS application level gateway for handling topologies with coexisting IPv4-only, Ipv6-only and dual-stack devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

90 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Stateful IPv4-IPv6 DNS application level gateway for handling topologies with coexisting IPv4-only, Ipv6-only and dual-stack devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

90 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others