Cloud service packet redirection method and system and cloud gateway
Abstract
The present invention provides a cloud service packet redirection method and system, and a cloud gateway. In the method performed by the cloud gateway, if the cloud gateway determines that a DNS packet that is forwarded by a router in a redirection manner is a cloud service-related DNS packet, a record is maintained in a cloud IP table of the cloud gateway according to the DNS packet. Policy route configuration information is sent to the router according to the record maintained in the cloud IP table to instruct the router to maintain a policy route. The policy route instructs the router to redirect, to the cloud gateway, a cloud service packet that is indicated by the DNS packet.
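The table maintenance that the abstract describes, using the record fields listed in claim 1, as an added Python example that is not part of the patent text. The domain suffix rule for "cloud service-related", the dictionary layout, the sequential ACL entry identifiers (the example never removes records) and the shape of the `add` message are assumptions; `sample_response` builds constructed packets.

```python
import struct

def read_name(msg, off):
    """Decode the DNS name at off, following compression pointers; return (name, next offset)."""
    labels, nxt = [], None
    for _ in range(255):  # bounded walk, so a pointer loop cannot hang the gateway
        if (n := msg[off]) == 0:
            return ".".join(labels), (off + 1 if nxt is None else nxt)
        if n & 0xC0 == 0xC0:  # compression pointer
            nxt = off + 2 if nxt is None else nxt
            off = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii").lower())
            off += 1 + n
    raise ValueError("DNS name too long or compression loop")

def parse_response(msg):
    """Return (queried domain, [(ip, ttl), ...]) taken from the A records of a DNS response."""
    flags, qd, an = struct.unpack_from("!3H", msg, 2)
    if not flags & 0x8000 or qd != 1:  # learn only from responses to a single question
        return "", []
    domain, off = read_name(msg, 12)
    off, answers = off + 4, []  # skip QTYPE and QCLASS
    for _ in range(an):
        off = read_name(msg, off)[1]  # owner name, usually a pointer back to the question
        rtype, rclass, ttl, rdlen = struct.unpack_from("!2HIH", msg, off)
        if (rtype, rclass, rdlen) == (1, 1, 4):  # A record, class IN
            answers.append((".".join(map(str, msg[off + 10:off + 14])), ttl))
        off += 10 + rdlen
    return domain, answers

def handle_dns(table, msg, suffixes=(".cloud.example",)):  # suffixes: assumed matching rule
    """Maintain table {(domain, ip): record}; return policy route configs to send to the router."""
    domain, answers = parse_response(msg)
    if not ("." + domain).endswith(suffixes):  # suffix match on a label boundary
        return []
    configs = []
    for ip, ttl in answers:
        if rec := table.get((domain, ip)):  # existing record: refresh survival time only
            rec["ttl"] = ttl
        else:  # new record: allocate an ACL entry id and have the router add the route
            rec = table[(domain, ip)] = {"ttl": ttl, "acl_id": len(table) + 1}
            configs.append({"action": "add", "ip": ip, "acl_id": rec["acl_id"]})
    return configs

def sample_response(domain, ips, ttl):  # constructed DNS response, not captured traffic
    q = b"".join(bytes([len(p)]) + p.encode() for p in domain.split(".")) + b"\0"
    rrs = [b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, ttl, 4) + bytes(map(int, ip.split("."))) for ip in ips]
    return struct.pack("!6H", 0x1234, 0x8180, 1, len(ips), 0, 0) + q + struct.pack("!2H", 1, 1) + b"".join(rrs)
```

Because the table is keyed on the (domain, IP) pair, a repeated answer only refreshes the survival time and sends nothing to the router; only a pair not seen before produces an `add` message.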
10 Claims
1. A cloud service packet redirection method performed by a cloud gateway, the method comprising:
- receiving a domain name system (DNS) packet that is forwarded by a router in a redirection manner;
- determining that the DNS packet is a cloud service-related DNS packet;
- obtaining first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
- querying a cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in the cloud IP table corresponds to one or more policy routes of the router, wherein a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
- adding a first record in the cloud IP table, wherein no record that corresponds to the first domain name information and the first IP address information exists in the cloud IP table and wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet;
- sending first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record; and
- updating, DNS entry survival time information of an existing record in the cloud IP table that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists, the DNS entry survival time information being updated according to the DNS entry survival time information of the cloud service-related DNS packet.
4. A cloud service packet redirection method, comprising:
- receiving, by a cloud gateway, a domain name system (DNS) packet that is redirected by a router;
- determining, by the cloud gateway, that the DNS packet is a cloud service-related DNS packet;
- obtaining, by the cloud gateway, first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
- querying, by the cloud gateway, a cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in the cloud IP table corresponds to one or more policy routes of the router, a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
- updating, by the cloud gateway, DNS entry survival time information of an existing record according to the first DNS entry survival time information of the cloud service-related DNS packet when a record that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists in the cloud IP table;
- adding, by the cloud gateway, a first record in the cloud IP table when no record that corresponds to the first domain name information and the first IP address information of the cloud service-related DNS packet exists in the cloud IP table, wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet; and
- sending, by the cloud gateway, first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record.
7. A cloud gateway, comprising:
a processor and a memory storing instructions, the processor being configured to execute the instructions to perform operations of:
- receiving a domain name system (DNS) packet that is redirected by a router;
- determining that the DNS packet is a cloud service-related DNS packet;
- obtaining first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
- querying a cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in the cloud IP table corresponds to one or more policy routes of the router, a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
- updating DNS entry survival time information of an existing record according to the first DNS entry survival time information of the cloud service-related DNS packet when a record that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists in the cloud IP table; and
- adding a first record in the cloud IP table when no record that corresponds to the first domain name information and the first IP address information of the cloud service-related DNS packet exists in the cloud IP table, wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet, and
- sending first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises: first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record.
10. A cloud packet redirection system, comprising:
- a router; and
- a cloud gateway coupled to the router, the cloud gateway comprising a computing hardware configured to:
  - receive a domain name system (DNS) packet that is redirected by a router;
  - determine that the DNS packet is a cloud service-related DNS packet;
  - obtain first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
  - query the cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in a cloud IP table corresponds to one or more policy routes of the router, a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
  - update DNS entry survival time information of an existing record according to the first DNS entry survival time information of the cloud service-related DNS packet when a record that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists in the cloud IP table; and
  - add a first record in the cloud IP table when no record that corresponds to the first domain name information and the first IP address information of the cloud service-related DNS packet exists in the cloud IP table, wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet, and
  - send first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises: first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record; and
- wherein the router comprises computing hardware and configured to redirect the domain name system (DNS) packet to the cloud gateway, to configure the first policy route, and to redirect a cloud service packet to the cloud gateway according to the first policy route.
Specification