Invention Grant
- Patent Title: DNS flood protection platform for a network
- Patent Title (中): 一个网络的DNS防洪平台
-
Application No.: US12018031Application Date: 2008-01-22
-
Publication No.: US08261351B1Publication Date: 2012-09-04
- Inventor: Peter M. Thornewell , Lisa M. Golden
- Applicant: Peter M. Thornewell , Lisa M. Golden
- Applicant Address: US WA Seattle
- Assignee: F5 Networks, Inc.
- Current Assignee: F5 Networks, Inc.
- Current Assignee Address: US WA Seattle
- Agency: Frommer Lawrence & Haug LLP
- Agent Jamie L. Wiegand
- Main IPC: G06F12/14
- IPC: G06F12/14 ; G06F17/00 ; G06F11/30 ; G06F15/16 ; H04L29/06 ; H04L9/32
Abstract:
Embodiments are directed towards providing protection to DNS servers against DNS flood attacks by causing a requesting device to perform multiple DNS lookup requests for resolving a resource record. A request from a network device for a resolution of a domain name may be received by a device interposed between the requesting network device and a DNS server. Upon receiving the request to resolve the domain name, the interposed device may respond with a CNAME that includes a cookie. The requesting device may then send another request that includes the cookie preceded CNAME. The interposed device may then validate the returned cookie returned in the CNAME and if valid, forward the domain name resolution request on to a DNS server. The response may then be forwarded to the requesting device.
Information query
