`
`(12) United States Patent
`Jungck
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 8,694,610 B2
`*Apr. 8, 2014
`
`(54) APPARATUS AND METHOD FOR DOMAIN
`NAME RESOLUTION
`
`(75) Inventor: Peder J. Jungck, San Carlos, CA (US)
`
`(*) Notice:
`
`(73) Assignee: CloudShield Technologies, Inc.,
`Sunnyvale, CA (US)
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 279 days.
`This patent is Subject to a terminal dis-
`claimer.
`
`(21) Appl. No.: 11/259,160
`
`(22) Filed:
`
`Oct. 26, 2005
`
`(65)
`
`Prior Publication Data
`US 2006/OO75139 A1
`Apr. 6, 2006
`
`5,566,170 A 10/1996 Bakke et al.
`5,619,621 A
`4, 1997 Puckett
`5,784,582 A
`7, 1998 Hughes
`. 395.200.55
`.
`.
`.
`.
`.
`.
`.
`s: A 99. By al. .
`5,938,737 A
`8/1999 Smallcomb et al. .......... 709/247
`Continued
`(Continued)
`FOREIGN PATENT DOCUMENTS
`O 865 180 A2
`3, 1998
`WO98, 17039
`4f1998
`(Continued)
`
`EP
`WO
`
`OTHER PUBLICATIONS
`
`Rule-Based Filtering for Java Applets, Iglio et al., Computer Security
`Applications Conference, 1998, Proceedings., 14th Annual Dec.
`7-11, 1998 pp. 112-119.
`
`(Continued)
`
`Related U.S. Application Data
`(63) Continuation of application No. 09/602.286, filed on
`Jun. 23, 2000, now Pat. No. 7,003,555.
`
`Primary Examiner — Gregory Todd
`(74) Attorney, Agent, or Firm — Lempia Summerfield Katz
`LLC
`
`(51) Int. Cl.
`G06F 15/16
`(2006.01)
`Et, :2.8
`R
`.01)
`(
`(52) U.S. Cl.
`USPC ........... 709/219; 709/245; 709/246; 370/389;
`370/475
`
`(58) Field of Classification Search
`USPC .......... 709/217, 219, 245, 246; 370/389, 469,
`370/475
`See application file for complete search history.
`
`(56)
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`4,692.918 A
`5,179,556 A
`5, 195,181 A
`
`9, 1987 Elliott et al.
`1/1993 Turner
`3/1993 Bryant et al.
`
`ABSTRACT
`(57)
`An apparatus and method for enhancing the infrastructure of
`a network Such as the Internet. Multiple edge servers and edge
`caches may be provided at the edge of the network so as to
`y be p
`9.
`cover and monitor all points of presence. There may be down
`stream clients coupled to the points of presence. The edge
`servers may selectively intercept domain name translation
`requests generated by the downstream clients for Subscribing
`Web servers. The edge servers may provide translations
`which either enhance content delivery services, or redirect the
`requesting client to the edge cache to make its content
`requests. Further, network traffic monitoring may be provided
`in order to detect malicious or otherwise unauthorized data
`transmissions.
`
`26 Claims, 6 Drawing Sheets
`
`
`
`F. A
`Edge Server 402
`Request interceptor 404
`Request Modifier 406
`Request forwarder 4.08
`
`
`
`Cloudflare - Exhibit 1091, page 1
`
`
`
`US 8,694,610 B2
`Page 2
`
`(56)
`
`References Cited
`
`7,111,052 B1* 9/2006 Cook ............................ TO9,219
`7,114,008 B2
`9/2006 Jungcket al.
`7,146,505 B1
`12/2006 Harada et al.
`7,246,150 B1* 7/2007 Donoho et al. ............... TO9.204
`219 B
`29s Wong- TO9,203
`7,418,504 B2
`82008 Larson et al. ................. TO9,226
`7.565.450 B2 * 7/2009 Garcia-Luna-Aceves
`et al. ............................. 709/245
`8,417,770 B2 * 4/2013 Vange et al. .................. TO9,203
`2001/0049741 A1* 12/2001 Skene et al. ....
`TO9,232
`2002/0010798 A1
`1/2002 Ben-Shaul et al. ........... 709/247
`2002fOO65938 A1
`5/2002 Jungcket al.
`TO9,245
`2002fOO73233 A1* 6, 2002 Gross et al. .....
`2002fO112073 A1
`8/2002 Melampy et al. ............ TO9/240
`2002fO1942.91 A1 12/2002 Najam et al.
`2003/0009651 A1
`1/2003 Najam et al.
`2003, OO18796 A1
`1/2003 Chou et al. .................... TO9,231
`2003/0187992 A1 10, 2003 Steenfeldt et al.
`2006, OO29038 A1
`2/2006 Jungck
`
`
`
`FOREIGN PATENT DOCUMENTS
`
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`
`WO99/O5584
`WO 99/09725
`WO99/27684
`WO99,60459
`WOOOf 14938
`WOOOf 27092
`WOOO,28713
`
`2, 1999
`2, 1999
`6, 1999
`11, 1999
`3, 2000
`5, 2000
`5, 2000
`
`OTHER PUBLICATIONS
`A Common Multi-Agent Testbed for Diverse Seamless Personal
`-Paki
`Information Networking Applications, Abu Hakima, et al., Jul. 1998.
`3.com Virtual Lan Tutorial, obtained from http://munshi.Sonoma.edu/
`s97/bus420/vlan.html, Jul. 21, 2003, pp. 1-21
`Beck, Andre; Hofmann, Markus, “Enabling the Internet to Deliver
`Content-Oriented Services.” 2001. www.cs.bu.edu/techreports/
`2001-0170-wcw01-proceedings/107 beck.pdf.
`Gribble, Steven D. "System Design Issues for Internet Middleware
`Services: Deducti
`f
`L
`Client T
`1997. h.
`ervices: Jeaucuons Irom a Large IIent 1 race.
`. http.cs.
`berkeley.edu/~gribble?papers/msc thesis.ps.gZ.
`Kim, Gene H.; Orman, Hilarie; O'Malley, Sean. “Implementing a
`Secure rlogin Environment: A Case Study ofUsing a Secure Network
`Layer Protocol.” 1995. ftp.cs.arizona.edu/xkernel/Papers/rloginps.
`The Role of Test Cases in Automated Knowledge Refinement—
`inst Craw (1996) www.scnms.rgu.ac.uk/publications/96/96 4ps.
`
`The Policy Obstacle Course: The Realisation of Low-Level.—
`Schema York July www.cs.york.ad.uk/-dim/pubs/polobstc.ps.Z.
`Alteon Web Systems, White Paper "Optimizing ISP Networks and
`Services with DNS Redirection'. Aug. 1999, pp. 1-14.
`John Pescatore, Gartner Analyst, “Commentary: Digging into the
`DNS foundation.’ obtained at internet address.http://
`t.com/
`oundation, obtained at Internet address, nutp://news.cnet.co
`news/0-1005-202-2080091.html, Jun. 15, 2000.
`Rainbow Technologies Products, “CryptoSwift eCommerce Accel
`erator, obtained at internet address, http://isgrainbow.com/prod
`ucts/cs 1.html, Aug. 5, 2000.
`Flow Wise Networks, Inc., “AutoRouteTM Automatic Configuration
`of Layer 3 Routing,” www.flow wise.com.
`Flow Wise, “Router Accelerator RA 7000 from Flow Wise.”
`obtained at internet address http://www.flowise.com/products/
`ra,000.htm.
`IntelR IXP1200 Network Processor, obtained at internet address,
`http://developer, intel.com/design/network/ixp1200.htm.
`d th
`hall Brai
`ff WorkS. “
`b
`Marshall Brain, How Stu Wor s, How Web Servers and the
`Internet Work” obtained at internet address http://www.
`howstuffworks.com/web-server.htm.
`Mall pry. How St. Sk “HOW ASPS splication St.
`Providers) Work,” obtained at internet address http://www.
`howstuffWorks.com/asp.htm.
`Marshall Brain, How StuffWorks, “How Domain Name Servers
`Work,” obtained at internet address http://www.howstuffworks.com/
`dins.htm.
`
`U.S. PATENT DOCUMENTS
`5,953,503 A
`9/1999 Mitzenmacher et al. 395/200.33
`5,958,052 A * 9/1999 Bellovin et al. ................. T26/11
`5.991,713 A 1 1/1999 Unger et al. ...................... TO4/9
`5.996,011 A 1 1/1999 Humes
`6,006.264 A 12/1999 Colby et al. .................. TO9,226
`6,014,660 A
`1/2000 Lim et al. .......................... 707/3
`6,016,512 A
`1/2000 Huitema ....................... 709/245
`6,029, 175 A
`2/2000 Chow et al.
`6,046,980 A
`4/2000 Packer .......................... 370,230
`6,052,718 A
`4/2000 Gifford ......................... TO9,219
`6,064,676 A
`5/2000 Slattery et al.
`6,065,055 A
`5/2000 Hughes et al. ................ 709,229
`6,070,191 A
`5/2000 Narendran et al. ........... TO9,226
`6,073,168 A
`6/2000 Mighdoll et al. ...
`709/217
`6,084,878 A
`7/2000 Crayford et al. .............. 370,389
`6,105,027 A
`8, 2000 Schneider et al.
`6,108,703 A
`8/2000 Leighton et al. .............. TO9,226
`6,119,165 A
`9, 2000 Li et al.
`6,157,955 A 12/2000 Naradet al.
`6,167.438 A 12/2000 Yates et al. .................... TO9,216
`6,178,505 B1
`1/2001 Schneider et al.
`6,182,148 B1
`1/2001 Tout .............................. 709/245
`6,185,598 B1* 2/2001 Farber et al.
`709/200
`6,223,209 B1 * 4/2001 Watson ......................... TO9,201
`6,226,642 B1
`5, 2001 Beranek et al.
`6,247,059 B1
`6/2001 Johnson et al.
`6.256,671 B1* 7/2001 Strentzsch et al. ............ 709,227
`6.256,739 B1
`7/2001 Skoppet al. .................. T13 201
`3. R
`299; SR et al
`TO9/230
`Ola Call. ................
`- 4
`6,324,585 B1
`1 1/2001 Zhang et al.
`709/245
`6,330,561 B1
`12/2001 Cohen et al. ...
`TO7/10
`6,356,761 B1* 3/2002 Huttunen et al.
`455,456.1
`6,389,462 B1* 5/2002 Cohen et al. .................. TO9.218
`6,389,468 B1
`5/2002 Muller et al.
`6,393,026 B1
`5/2002 Irwin
`6,397.259 B1
`5, 2002 Lincke et al.
`6,408,336 B1
`6, 2002 Schneider et al.
`709,223
`6.425,003 B1* 7/2002 Herzog et al. .
`370/475
`6,480,508 B1
`1 1/2002 Mwikalo et al.
`6,502,135 B1* 12/2002 Munger et al. ................ 709,225
`6,526,426 B1
`2/2003 Lakritz
`6,526.450 B1* 2/2003 Zhang et al. .................. 709/245
`E. s R 338 EG al
`a ca.
`6,560,227 B1
`5, 2003 Bartoldus et al.
`6,574,666 B1
`6, 2003 Dutta et al.
`6,578,073 B1
`6/2003 Starnes et al. ................ TO9,219
`6,581,090 B1
`6, 2003 Lindbo et al.
`6,587,466 B1
`7/2003 Bhattacharya et al. ... 370/395.21
`6,598,034 B1
`7/2003 Kloth .............................. TO6/47
`6,604,143 B1
`8, 2003 Nagar et al.
`6,606,710 B2
`8/2003 Krishnan et al.
`6,611,875 B1
`8/2003 Chopra et al. ................ 709/245
`6.625,166 B2
`9/2003 Tsukamoto et al.
`6,654,787 B1
`1 1/2003 Aronson et al.
`6,662,213 B1
`12/2003 Xie et al. ...................... TO9,206
`6,691,124 B2
`2/2004 Gupta et al.
`6,691,231 B1
`2/2004 Lloyd et al.
`6,728,885 B1
`4/2004 Taylor et al.
`6,768,992 B1
`7/2004 Jolitz
`6,772,347 B1
`8, 2004 Xie et al.
`.
`.
`.
`.
`.
`.
`.
`.
`6,785,728 B1
`8, 2004 Schneider et al.
`6,826,694 B1
`1 1/2004 Dutta et al.
`6.829,654 B1
`12/2004 Jungck
`6,832,256 B1
`12, 2004 T
`w - 4
`O3a . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 709,229
`6,847,989 B1
`1/2005 Chastain et al.
`6,850,529 B1
`2/2005 Wong
`6,854,063 B1
`2/2005 Quetal.
`6,950.947 B1
`9, 2005 Purtell et al.
`6,973,084 B1 12/2005 Jha
`7,020,700 B1
`3, 2006 Bennett et al.
`7,020,719 B1* 3/2006 Grove et al. .................. TO9,238
`7,032,031 B2
`4/2006 Jungcket al.
`7,069,249 B2
`6, 2006 Stolfo et al.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`. T13 201
`
`Cloudflare - Exhibit 1091, page 2
`
`
`
`US 8,694,610 B2
`Page 3
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`Curt Franklin, How StuffWorks, “How Routers Work, obtained at
`internet address http://www.howstuffworks.com/router.htm.
`Microsoft Corporation, Sep.1998 “Introduction to TCP/IP obtained
`at internet address http://msdn.microsoft.com/library/backgrind/
`html/tcpipintro.htm.
`Robert Stone, “CenterTrack: An IP Overlay Network for Tracking
`DoS Floods.” Article Oct. 1, 1999, pp. 1-9.
`Chapter 1 TCP/IP Fundamentals, obtained at internet address http://
`webdocs. Sequent.com/docs/tcpoac01/ch 1.htm, pp. 1-28.
`Cheng Wu, “Web Switching: A New Generation of Networking.” pp.
`1-3.
`ArrowPoint CommunicationsTM Article, "A Comparative Analysis of
`Web Switching Architectures.” pp. 1-11.
`ArrowPoint CommunicationsTM, Brochure, “The Top 12 Benefits of
`Content Intelligence.”
`L. Peter Deutsch, “Deflate Compressed Data Format Specification.”
`May 1996.
`Antaeus Feldspar, Article, "An Explanation of the Deflate Algo
`rithm.” Sep. 11, 1997.
`ArrowPoint CommunicationsTM CDDCenter Vendor Listing,
`“ArrowPoint CS-50 Highlights' obtained at internet address http://
`www.cddcenter.com/arrowpoint.htm, May 21, 2000.
`Peter Christy, Analyst Commentary, “When to Distribute Content—
`The Peters' Principles,” obtained at internet address http://www.
`cddcenter.com/index.html. May 21, 2000.
`Content Delivery 101: An Introduction to Content Distribution &
`Delivery.
`CDDCenter, “How Do Caching and Content Delivery Really Dif
`fer?” obtained at internet address http://www.cddcentercom/
`cachingvcontent.htm. pp. 1-4, May 21, 2000.
`Internet Research Group "Infrastructure Application Service Provid
`ers.” Feb. 2000, pp. 1-7.
`Peter Christy, Internet Research Group, "Content Delivery Architec
`tures: Why Doesn't One Size Fit All?” pp. 1-12.
`Steven Vonder Haar, Inter(a)active Week, Feb. 14, 2000, "Content
`Delivery Shifts to Edge of Net”, obtained at internet address http://
`www.zdnet.com/intweek? stories/news/0,4164,2436865,00.html,
`Dated May 22, 2000.
`David Willis, Network Computing, “The Content-Delivery Edge.”
`obtained at internet address http://www.networkcomputing.com/
`1103/1103colwillis.html, Dated May 22, 2000.
`Phrack Magazine, “IP-spoofing Demystified (Trust-Relationship
`Exploitation) vol. Seven, Issue Forty-Eight, File 14 of 18. pp. 1-9,
`obtained at internet address http://www.fc.net/phrack/files/p48/p48
`14.html, Dated Jun. 5, 2000.
`Eddie Mission, “What is Eddie?', obtained at internet address http://
`www.eddieware.org/what.html. Dated Apr. 21, 2000.
`Cisco Enterprise Solutions, “Quality of Service,” obtained at internet
`address http://www.cisco.com/warp public/779/largeent/learn tech
`nologies/gos/.
`Cisco White Paper, “Delivering End-to-End Security in Policy-Based
`Networks,” obtained at internet address, http://www.cisco.com/
`warp public/cc/pd/nemnsw/cap/tech/deesp wp.htm.
`Technology Packeteer, obtained at internet address, http://www.
`packeteer.com/technology/index.cfm.
`Packeteer, Inc., “Four Steps to Application Performance across the
`Network. pp. 1-8.
`Overview Cisco Content Networking, obtained at internet address
`http://www.cisco.com/warp/public/cc/sofnesofieneSv/cxnefcc.nov
`ov.htm.
`Overview Cisco Secure Policy Manager 2.0, obtained at internet
`address
`http://www.cisco.com/warp/public/cc/pdfsgSW/sqppmn/
`prodlit secmn ov.htm.
`Alteon Web Systems, White Paper "Optimizing ISP Networks and
`Services with DNS Redirection.” Aug. 1999.
`Alteon Web Systems, White Paper “Virtual Matrix Architecture Scal
`ing Web Services for Performance and Capacity.” Apr. 2000.
`Alteon Web Systems, Questions and Answers, pp. 1-3.
`Alteon Web Systems, White Paper, pp. 1-8.
`
`3Com Technical Papers, Layer 3 Switching, May 1998.
`Web Cache Communication Protocol Version 2, pp. C-1 to C-54.
`RFC2267 Working Group—Denial of Service Counter Measures,
`Tele-conference Meeting Aug. 25, 2000, Moderator, Henry Teng of
`eBay.
`Track-back Architecture General Requirements Version 0.1. Initial
`Draft submitted to Counter-DoS Solutions Working Group, Jul. 31.
`2000, Edited by Bob Geiger, Recourse Technologies.
`SwitchOn Networks, Inc., ClassiPITM At-a-Glance.
`C-PortTMAMotorola Company, C-5TM Digital Communications Pro
`cessor, Product Brief, pp. 1-8, May 4, 2000.
`Peder Jungck, “Building a Faster Cache Server' A Theoretical
`Whitepaper, Silicon Valley Internet Capital, pp. 1-19.
`IXF1002 Dual Port Gigabit Ethernet Mac, Product Brief, Levon
`OneTM an Intel Company.
`NetLogic Microsystems Product Overview.
`Agere, Inc. “The Challenge for Next Generation Network Proces
`sors”, Sep. 10, 1999.
`Eric J. Rothfus, Agere, Inc., “The Case for a Classification Lan
`guage'. Sep. 10, 1999.
`Agere, Inc. “Building Next Generation Network Processors'. Sep.
`10, 1999.
`Phillips Semiconductors’ VMS747 Security Processor Overview.
`Cisco Systems, Cisco 12000 Series GSR, "Performing Internet Rout
`ing and Switching at Gigabit Speeds, obtained at internet address,
`http://www.cisco.com/warp/public/cc/pd/rt/ 12000?.
`Cisco Systems, “Cisco 10000 Edge Service Router,” obtained at
`internet
`address,
`http://www.cisco.com/warp/public/cc/pd/rt/
`10000?.
`Nortel NetworksTM “Passport 8600 Routing Switch.” obtained at
`internet address, http://www.nortelnetworks.com/products/01/pass
`port/8600/index.html.
`Lucent Technologies, “InterNetworking Systems,” obtained at
`internet address, http://www.lucent.com/ins/products/grf.
`Lucent Technologies, “InterNetworking Systems,” obtained at
`internet address, http://www.lucent.com/ins/products/grf grf1600.
`html.
`Juniper Networks, “M20 Internet Backbone Router.” Datasheet,
`obtained at internet address, http://www.juniper.net/products/dsheet/
`100009.html.
`Juniper Networks, “M40 Internet Backgbone Router.” Datasheet,
`obtained at internet address, http://www.juniper.net/products/dsheet/
`100001.html.
`Juniper Networks, Inc., “M160 Internet Backbone Router'
`Datasheet, obtained at internet address, http://www.juniper.net/prod
`ucts/dsheet 100 12.
`Rajeev Kumar, Intel Confidential, “IXP1200 Overview”.
`Intel“IXP1200 Network Processor.” Datasheet, pp. 1-109 (out of 146
`pages), May 2000.
`Cisco 7500 Series Routers, pp. 1-2, obtained http://www.cisco.com/
`warp/public/cc/pd/rt/7500/.
`3.com Virtual Lan Tutorial, obtained from http://munshi.Sonoma.edu/
`s97 bus420/vlan.html, Jul. 21, 2003, pp. 1-21.
`Przygienda and Droz, Abstract, “Proxy PNNI Augmented Routing
`(Proxy PAR), pp. 371-377, (C) 1998 IEEE.
`Stevenson and Julin, Abstract, “Client-Server Interactions in Multi
`Server Operating.” Sep.1994, 16 pages.
`JISC JTAP Report “Network Delivery of High Quality MPEG-2
`Digital Video.” Oct. 1998, 58 pages.
`Andresen, Daniel; Yang, Tao. "Adaptive Scheduling with Client
`Resources to Improve WWW Server Scalability.” 1996. www.cs.
`ucsb.edu/TRS/techreports/TRCS96-27.ps.
`Beck, Andre; Hofmann, Markus. "Enabling the Internet to Deliver
`Content-Oriented Services.” 2001. www.cs.bu.edu/techreports/
`2001-0170-wcw01-proceedings/107 beck.pdf.
`Castelluccia, Claude. "A Hierarchical Mobility Management
`Scheme for IPv6.” ballesta.inrialpes.fr/Infos/Personnes/Claude.
`Castellucciaiscc98.ps.gZ.
`Funfrocken, Stefan. “Integrating Java-based Mobile Agents into Web
`Servers under Security Concerns.” 1998. http.cs.berkeley.edu/~
`gribble?papers/msc thesis.ps.gZ.
`
`Cloudflare - Exhibit 1091, page 3
`
`
`
`US 8,694,610 B2
`Page 4
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`Gribble, Steven D. "System Design Issues for Internet Middleware
`Services: Deductions from a Large Client Trace.” 1997. http.cs.
`berkelev.edu/~gribble?papers/msc thesis.ps.cqZ.
`Kim, Gene H.; Orman, Hilarie; O'Malley, Sean. “Implementing a
`Secure rlogin Environment: A Case Study ofUsing a Secure Network
`Layer Protocol.” 1995. ftp.cs.arizona.edu/xkernel/Papers/rloqin ps.
`Corpus-Based Learning of Compound Noun Indexing Ung-Kwan
`Jee Hyub (2000) www.ai.mit.edu/people immylin/papers/Kwak00.
`pdf.
`
`The Role of Test Cases in Automated Knowledge Refinement—
`Palmer, Craw (1996) www.scnms.rqu.ac.uk/publications/96/96 4ps.
`CZ.
`The Policy Obstacle Course: The Realisation of Low-Level.—
`Schema York July www.cs.york.ac.uk/-dim/pubs/polobstc.ps.Z.
`Data Filter Architecture Pattern Robert Flanders and Eduardo..—
`Dept of Computer jerry.cs.uiuc.edu/~plop plop99/proceedings/
`Fernandez.5/Flanders3.PDF.
`
`* cited by examiner
`
`Cloudflare - Exhibit 1091, page 4
`
`
`
`U.S. Patent
`
`Apr. 8, 2014
`
`Sheet 1 of 6
`
`US 8,694,610 B2
`
`
`
`N
`
`r
`s
`
`2
`C)
`
`
`
`s
`
`V
`d
`
`S
`
`Cloudflare - Exhibit 1091, page 5
`
`
`
`U.S. Patent
`
`Apr. 8, 2014
`
`Sheet 2 of 6
`
`US 8,694,610 B2
`
`
`
`Z ’5) I „I
`
`Cloudflare - Exhibit 1091, page 6
`
`
`
`U.S. Patent
`
`Apr. 8, 2014
`
`Sheet 3 of 6
`
`US 8,694,610 B2
`
`
`
`ce
`
`£I SNCI
`
`/
`
`)
`
`
`
`T
`
`Cloudflare - Exhibit 1091, page 7
`
`
`
`U.S. Patent
`
`Apr. 8, 2014
`
`Sheet 4 of 6
`
`US 8,694,610 B2
`
`---- »| 0
`
`
`
`
`
`
`
`Z mua?IO
`
`Cloudflare - Exhibit 1091, page 8
`
`
`
`U.S. Patent
`
`Apr. 8, 2014
`
`Sheet 5 of 6
`
`US 8,694,610 B2
`
`| 19 Au9S
`
`
`
`ZOZ
`
`S
`
`
`
`
`
`WS (5) | H
`
`Cloudflare - Exhibit 1091, page 9
`
`
`
`
`OT9
`
` seasagKxoig|8091oydaouqu]asonboy|
`
`*
`
`_——e9094911-4
`
`
`
` GVVZ09sa195o8pq
`
`VOD
`
`|Joasag
`sonboy
` aSNC
`
`
`U.S. Patent
`
`Apr. 8, 2014
`
`Sheet 6 of 6
`
`US 8,694,610 B2
`
`801
`
`Ole
`
`eATTee~
`
`yWIat]D
`
`OZ/
`,bitIQ—\4_.’e—___501
`
`we(dldOd)s.,
`
`
`
`(vidOu)*€wan{fit
`
`Cloudflare - Exhibit 1091, page 10
`
`(azdod)
`
`Cloudflare - Exhibit 1091, page 10
`
`
`
`
`
`
`
`
`
`
`1.
`APPARATUS AND METHOD FOR DOMAIN
`NAME RESOLUTION
`
`REFERENCE TO RELATED APPLICATIONS
`
`This application is a continuation under 37 C.F.R.S 1.53(b)
`of U.S. Pat. Application Ser. No. 09/602,286 filed Jun. 23,
`2000 now U.S. Pat. No. 7,003,555, the entire disclosure of
`which is hereby incorporated by reference. This application is
`related to U.S. Pat. Application Ser. No. 09/602,129 filed
`concurrently with the parent application on Jun. 23, 2000,
`now U.S. Pat. No. 6,829,654, entitled 'Apparatus and Method
`for Virtual Edge Placement of Web Sites.”
`
`BACKGROUND
`
`10
`
`15
`
`The Internet is growing by leaps and bounds. Everyday,
`more and more users log on to the Internet for the first time
`and these, and existing users are finding more and more
`content being made available to them. Whether it be for
`shopping, checking Stock prices or communicating with
`friends, the Internet represents a universal medium for com
`munications and commerce.
`Unfortunately, the growing user base along with the grow
`ing content provider base is causing ever increasing conges
`tion and strain on the infrastructure, the network hardware
`and Software plus the communications links linking it all
`together, which makes up the Internet. While the acronym
`“WWW is defined as “World WideWeb”, many users of the
`Internet have come to refer to it as the “World Wide Wait.
`These problems are not limited to the Internet either. Many
`companies provide internal networks, known as intranets,
`which are essentially private Internets for use by their
`employees. These intranets can become overloaded as well.
`Especially, when a company's intranet provides connectivity
`to the Internet. In this situation, the intranet is not only car
`rying internally generated traffic but also Internet traffic gen
`erated by the employees.
`Furthermore, more and more malicious programmers are
`setting there sights on the Internet. These “hackers’ spread
`virus programs or attempt to hack into Web sites in order to
`steal valuable information such as credit card numbers. Fur
`ther, there have been an increasing number of Denial of Ser
`Vice attacks where a hacker infiltrates multiple innocent com
`puters connected to the Internet and uses them, unwittingly, to
`45
`bombard a particular Web site with an immense volume of
`traffic. This flood of traffic overwhelms the servers and liter
`ally shuts the Web site down.
`Accordingly, there is a need for an enhanced Internet infra
`structure to more efficiently deliver content from providers to
`users and provide additional network security and fault tol
`CaCC.
`
`25
`
`30
`
`35
`
`40
`
`50
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 depicts an exemplary network for use with the
`preferred embodiments.
`FIG. 2 depicts the operations of the Domain Name System
`of the exemplary network of FIG. 1.
`FIG. 3 depicts an exemplary content delivery system for
`use with the exemplary network of FIG. 1.
`FIG. 4 depicts a content delivery system for use with the
`network of FIG. 1 according to a first embodiment.
`FIG. 4A depicts a block diagram of the edge server of FIG.
`4.
`FIG. 5 depicts a content delivery system for use with the
`network of FIG. 1 according to a second embodiment.
`
`55
`
`60
`
`65
`
`US 8,694,610 B2
`
`2
`FIG. 5A depicts a block diagram of the edge server of FIG.
`
`5
`
`FIG. 6 depicts a content delivery system for use with the
`network of FIG. 1 according to a third embodiment.
`FIG. 6A depicts a block diagram of the edge server of FIG.
`6.
`
`DETAILED DESCRIPTION OF THE DRAWINGS
`AND PRESENTLY PREFERRED
`EMBODIMENTS
`
`Referring now to the figures, and in particular, FIG.1, there
`is shown an exemplary network 100 for use with the presently
`preferred embodiments. It is preferred that the network 100
`be a publicly accessible network, and in particular, the Inter
`net. While, for the purposes of this disclosure, the disclosed
`embodiments will be described in relation to the Internet, one
`of ordinary skill in the art will appreciate that the disclosed
`embodiments are not limited to the Internet and are applicable
`to other types of public networks as well as private networks,
`and combinations thereof, and all Such networks are contem
`plated.
`I. Introduction
`As an introduction, a network interconnects one or more
`computers so that they may communicate with one another,
`whether they are in the same room or building (Such as a Local
`Area Network or LAN) or across the country from each other
`(such as a Wide Area Network or WAN). A network is series
`of points or nodes 126 interconnected by communications
`paths 128. Networks can interconnect with other networks
`and can contain Sub-networks. A node 126 is a connection
`point, either a redistribution point or an end point, for data
`transmissions generated between the computers which are
`connected to the network. In general, a node 126 has a pro
`grammed or engineered capability to recognize and process
`or forward transmissions to other nodes 126. The nodes 126
`can be computer workstations, servers, bridges or other
`devices but typically, these nodes 126 are routers.
`A router is a device or, in some cases, software in a com
`puter, that determines the next network node 126 to which a
`piece of data (also referred to as a “packet' in the Internet
`context) should be forwarded toward its destination. The
`router is connected to at least two networks or Sub-networks
`and decides which way to send each information packet based
`on its current understanding of the state of the networks it is
`connected to. A router is located at any juncture of two net
`works, Sub-networks or gateways, including each Internet
`point-of-presence (described in more detail below). A router
`is often included as part of a network switch. A router typi
`cally creates or maintains a table of the available routes and
`their conditions and uses this information along with distance
`and cost algorithms to determine the best route for a given
`packet. Typically, a packet may travel through a number of
`network points, each containing additional routers, before
`arriving at its destination.
`The communications paths 128 of a network 100, such as
`the Internet, can be coaxial cable, fiber optic cable, telephone
`cable, leased telephone lines such as Ti lines, satellite links,
`microwave links or other communications technology as is
`known in the art. The hardware and software which allows the
`network to function is known as the “infrastructure. A net
`work 100 can also be characterized by the type of data it
`carries (voice, data, or both) or by the network protocol used
`to facilitate communications over the network's 100 physical
`infrastructure.
`The Internet, in particular, is a publicly accessible world
`wide network 100 which primarily uses the Transport Control
`
`Cloudflare - Exhibit 1091, page 11
`
`
`
`US 8,694,610 B2
`
`10
`
`15
`
`25
`
`3
`Protocol and Internet Protocol (“TCP/IP) to permit the
`exchange of information. At a higher level, the Internet Sup
`ports several applications protocols including the Hypertext
`Transfer Protocol (“HTTP) for facilitating the exchange of
`HTML/World Wide Web (“WWW) content, File Transfer
`Protocol (FTP) for the exchange of data files, electronic
`mail exchange protocols, Telnet for remote computer access
`and Usenet for the collaborative sharing and distribution of
`information. It will be appreciated that the disclosed embodi
`ments are applicable to many different applications protocols
`both now and later developed.
`Logically, the Internet can be thought of as a Web of inter
`mediate network nodes 126 and communications paths 128
`interconnecting those network nodes 126 which provide mul
`tiple data transmission routes from any given point to any
`other given point on the network 100 (i.e. between any two
`computers connected to the network). Physically, the Internet
`can also be thought of as a collection of interconnected Sub
`networks wherein each Sub-network contains a portion of the
`intermediate network nodes 126 and communications paths
`128. The division of the Internet into sub-networks is typi
`cally geographically based, but can also be based on other
`factors such as resource limitations and resource demands.
`For example, a particular city may be serviced by one or more
`Internet Sub-networks provided and maintained by compet
`ing Internet Service Providers (“ISPs') (discussed in more
`detail below) to support the service and bandwidth demands
`of the residents.
`Contrasting the Internet with an intranet, an intranet is a
`private network contained within an enterprise, Such as a
`corporation, which uses the TCP/IP and other Internet proto
`cols, such as the World WideWeb, to facilitate communica
`tions and enhance the business concern. An intranet may
`contain its own Domain Name Server (“DNS) (described in
`more detail below) and may be connected to the Internet via
`a gateway, i.e., an intra-network connection, or gateway in
`combination with a proxy server (described in more detail
`below) or firewall, as are known in the art.
`Referring back to FIG. 1, clients 102,104,106 and servers
`108, 110, 112 are shown coupled with the network 100.
`Herein, the phrase “coupled with is defined to mean directly
`connected to or indirectly connected with through one or
`more intermediate components. Such intermediate compo
`nents may include both hardware and software based compo
`nents. The network 100 facilitates communications and inter
`45
`action between one or more of the clients 102, 104,106 and
`one or more of the servers 108, 110, 112 (described in more
`detail below). Alternatively, the network 100 also facilitates
`communications and interaction among one or more of the
`clients 102, 104,106, e.g. between one client 102, 104, 106
`and another client 102,104,106 or among one or more of the
`servers 108, 110, 112, e.g. between one server 108, 110, 112
`and another server 108, 110, 112.
`A client 102, 104, 106 may include a personal computer
`workstation, mobile or otherwise, wireless device Such as a
`personal digital assistant or cellular telephone, an enterprise
`scale computing platform Such as a mainframe computer or
`server or may include an entire intranet or other private net
`work which is coupled with the network 100. Typically, a
`client 102, 104, 106 initiates data interchanges with other
`computers, such as servers 108, 110, 112 coupled with the
`network 100. These data interchanges most often involve the
`client requesting data or content from the other computer and
`the other computer providing that data or content in response
`to the request. Alternatively, the other computer coupled with
`the network can “push data or content to the client 102,104,
`106 without it first being requested. For example, an elec
`
`4
`tronic mail server 108, 110, 112 may automatically push
`newly received electronic mail over the network 100 to the
`client 102, 104,106 as the new electronic mail arrives, alle
`viating the client 102,104,106 from first requesting that new
`mail be sent. It will be apparent to one of ordinary skill in the
`art that there can be many clients 102,104,106 coupled with
`the network 100.
`A server 108, 110, 112 may include a personal computer
`workstation, an enterprise scale computing platform or other
`computer system as are known in the art. A server 108, 110.
`112 typically responds to requests from clients 102,104,106
`over the network 100. In response to the request, the server
`108, 110, 112 provides the requested data or content to the
`client 102,104,106 which may or may not require some sort
`of processing by the server 108,110, 112 or another computer
`to produce the requested response. It will be apparent to one
`of ordinary skill in the art that a client 102,104,106 may also
`be a server 108, 110, 112 and vice versa depending upon the
`nature of the data interchange taking place. For purposes of
`this disclosure, a client 102, 104, 106 requests or receives
`content and is separate from a server 108, 110, 112 which
`provides content (whether requested or not, i.e. pushed). Pref
`erably, servers 108, 110, 112 are World Wide Web servers
`serving Web pages and/or Web content to the clients 102,104,
`106 (described in more detail below). It will be apparent to
`one of ordinary skill in the art that there can be many servers
`108, 110, 112 coupled with the network 100.
`Clients 102, 104, 106 are each coupled with the network
`100 at a point of presence (“POP”) 114, 116. The POP 114,
`116 is the connecting point which separates the client 102.
`104,106 from the network 100. In a public network 100, such
`as the Internet, the POP 114, 116 is the logical (and possibly
`physical) point where the public network 100 ends, after
`which comes the private hardware or private network of the
`client 102,104,106. A POP114,116 is typically provided by
`a service provider 118, 120, such as an Internet Service Pro
`vider ("ISP") 118, 120, which provides connectivity to the
`network 100 on a fee for service basis. A POP 114, 116 may
`actually reside in rented space owned by telecommunications
`carrier such as AT&T or Sprint to which the ISP 118, 120 is
`connected. A POP 114, 116 may be coupled with routers,
`digital/analog call aggregators, servers 108, 110, 112, and
`frequently frame relay or ATM switches. As will be discu