Cloud service packet redirection method and system and cloud gateway

US 9,325,565 B2
Filed: 10/04/2013
Issued: 04/26/2016
Est. Priority Date: 11/12/2012
Status: Active Grant

First Claim

Patent Images

1. A cloud service packet redirection method performed by a cloud gateway, the method comprising:

receiving a domain name system (DNS) packet that is forwarded by a router in a redirection manner;

determining that the DNS packet is a cloud service-related DNS packet;

obtaining first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;

querying a cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in the cloud IP table corresponds to one or more policy routes of the router, wherein a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;

adding a first record in the cloud IP table, wherein no record that corresponds to the first domain name information and the first IP address information exists in the cloud IP table and wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet;

sending first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record; and

updating, DNS entry survival time information of an existing record in the cloud IP table that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists, the DNS entry survival time information being updated according to the DNS entry survival time information of the cloud service-related DNS packet.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a cloud service packet redirection method and system, and a cloud gateway, the method performed by the cloud gateway includes, if the cloud gateway determines that a DNS packet that is forwarded by a router in a redirection manner is a cloud service-related DNS packet, a record is maintained in a cloud IP table of the cloud gateway according to the DNS packet. Policy route configuration information is sent to the router according to the record maintained in the cloud IP table to instruct the router to maintain a policy route. The policy route instructs the router to redirect, to the cloud gateway, a cloud service packet that is indicated by the DNS packet.

37 Citations

View as Search Results

10 Claims

1. A cloud service packet redirection method performed by a cloud gateway, the method comprising:
- receiving a domain name system (DNS) packet that is forwarded by a router in a redirection manner;
  
  determining that the DNS packet is a cloud service-related DNS packet;
  
  obtaining first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
  
  querying a cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in the cloud IP table corresponds to one or more policy routes of the router, wherein a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
  
  adding a first record in the cloud IP table, wherein no record that corresponds to the first domain name information and the first IP address information exists in the cloud IP table and wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet;
  
  sending first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record; and
  
  updating, DNS entry survival time information of an existing record in the cloud IP table that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists, the DNS entry survival time information being updated according to the DNS entry survival time information of the cloud service-related DNS packet.
- View Dependent Claims (2, 3)
- - 2. The method according to claim 1, further comprising:
    - aging DNS entry survival time of all records in the cloud IP table with time; and
      
      deleting a second record whose DNS entry survival time is 0 in the cloud IP table.
  - 3. The method according to claim 2, further comprising:
    - deleting the second record; and
      
      sending second policy route configuration information to the router to instruct the router to delete a second policy route that corresponds to the second record, wherein the second policy route configuration information comprises second action information indicating deletion of the second policy route, and second IP address information and second ACL entry identifier information of the second record.

4. A cloud service packet redirection method, comprising:
- receiving, by a cloud gateway, a domain name system (DNS) packet that is redirected by a router;
  
  determining, by the cloud gateway, that the DNS packet is a cloud service-related DNS packet;
  
  obtaining, by the cloud gateway, first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
  
  querying, by the cloud gateway, a cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in the cloud IP table corresponds to one or more policy routes of the router, a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
  
  updating, by the cloud gateway, DNS entry survival time information of an existing record according to the first DNS entry survival time information of the cloud service-related DNS packet when a record that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists in the cloud IP table;
  
  adding, by the cloud gateway, a first record in the cloud IP table when no record that corresponds to the first domain name information and the first IP address information of the cloud service-related DNS packet exists in the cloud IP table, wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet; and
  
  sending, by the cloud gateway, first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record.
- View Dependent Claims (5, 6)
- - 5. The method according to claim 4, further comprising:
    - aging, by the cloud gateway, DNS entry survival time of all records in the cloud IP table with time; and
      
      deleting, by the cloud gateway, a second record whose DNS entry survival time is 0 in the cloud IP table.
  - 6. The method according to claim 5, further comprising sending, by the cloud gateway, second policy route configuration information to the router to instruct the router to delete a second policy route that corresponds to the second record, wherein the second policy route configuration information comprises second action information indicating deletion of the second policy route, and second IP address information and second ACL entry identifier information of the second record.

7. A cloud gateway, comprising:
- a processor and a memory storing instructions, the processor being configured to execute the instructions to perform operations of;
  
  receiving a domain name system (DNS) packet that is redirected by a router;
  
  determining that the DNS packet is a cloud service-related DNS packet;
  
  obtaining first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
  
  querying a cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in the cloud IP table corresponds to one or more policy routes of the router, a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
  
  updating DNS entry survival time information of an existing record according to the first DNS entry survival time information of the cloud service-related DNS packet when a record that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists in the cloud IP table; and
  
  adding a first record in the cloud IP table when no record that corresponds to the first domain name information and the first IP address information of the cloud service-related DNS packet exists in the cloud IP table, wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet, and sending first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises;
  
  first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record.
- View Dependent Claims (8, 9)
- - 8. The cloud gateway according to claim 7, wherein the processor is further configured to execute the instructions to perform operations of:
    - aging DNS entry survival time of all records in the cloud IP table with time; and
      
      deleting, by the cloud gateway, a second record whose DNS entry survival time is 0 in the cloud IP table.
  - 9. The cloud gateway according to claim 8, wherein the processor is further configured to execute the instructions to perform operations of sending second policy route configuration information to the router to instruct the router to delete a second policy route that corresponds to the second record, wherein the second policy route configuration information comprises:
    - second action information indicating deletion of the second policy route, and second IP address information and second ACL entry identifier information of the second record.

10. A cloud packet redirection system, comprising:
- a router; and
  
  a cloud gateway coupled to the router, the cloud gateway comprising a computing hardware configured to;
  
  receive a domain name system (DNS) packet that is redirected by a router;
  
  determine that the DNS packet is a cloud service-related DNS packet;
  
  obtain first domain name information, first IP address information, and first DNS entry survival time information of the cloud service-related DNS packet;
  
  query the cloud IP table of the cloud gateway according to the first domain name information and the first IP address information of the cloud service-related DNS packet, wherein one record in a cloud IP table corresponds to one or more policy routes of the router, a record in the cloud IP table comprises domain name information, IP address information, DNS entry survival time information, and ACL entry identifier information, wherein the ACL entry identifier information is used to identify a policy route of the router that corresponds to the record in the cloud IP table;
  
  update DNS entry survival time information of an existing record according to the first DNS entry survival time information of the cloud service-related DNS packet when a record that corresponds to the domain name information and the IP address information of the cloud service-related DNS packet exists in the cloud IP table; and
  
  add a first record in the cloud IP table when no record that corresponds to the first domain name information and the first IP address information of the cloud service-related DNS packet exists in the cloud IP table, wherein the first record comprises the first domain name information, the first IP address information, and the first DNS entry survival time information of the cloud service-related DNS packet, and send first policy route configuration information to the router to instruct the router to add a first policy route that corresponds to the first record, wherein the first policy route configuration information comprises;
  
  first action information indicating addition of the first policy route, the first IP address information, and first ACL entry identifier information of the first record; and
  
  wherein the router comprises computing hardware and configured to redirect the domain name system (DNS) packet to the cloud gateway, to configure the first policy route, and to redirect a cloud service packet to the cloud gateway according to the first policy route.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Inventors
Yao, Ziyang, Zhang, Wei
Primary Examiner(s)
Taylor, Nicholas
Assistant Examiner(s)
Sultana, Afroza

Application Number

US14/046,579
Publication Number

US 20140136675A1
Time in Patent Office

935 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 41/00   Arrangements for maintenanc...

H04L 45/306   Route determination based o...

H04L 61/4511   using domain name system [DNS]

H04L 67/1097   for distributed storage of ...

Cloud service packet redirection method and system and cloud gateway

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud service packet redirection method and system and cloud gateway

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links