Device and method for split DNS communications

摘要

Automatically configuring split DNS operation in a wireless network device connected to a network. The wireless network device snoops one or more exchanged DHCP messages to obtain domain name(s) associated with the organization that are now used as target domain name suffix(es) for split DNS operations. For subsequent DNS queries, information within the message is analyzed to determine if the request includes a domain delimiter. If no delimiter, the DNS query message is sent to an internal DNS server that is located within an organization. If a delimiter exists, but the domain name in the message matches one of the target domain name suffixes, the DNS query message is sent to the internal DNS server as well. Otherwise, the DNS query message is routed over a different communication path.

主权项

1. A computer-implemented method, comprising:
receiving a dynamic host configuration protocol (DHCP) response message, wherein the DHCP response message is sent by a DHCP server in a private network, wherein the DHCP response message provides an Internet Protocol (IP) address to a network device, and wherein the DHCP response message is associated with a domain name service (DNS) server and a response message domain name; determining the response message domain name associated with the DHCP response message, wherein determining includes evaluating content of the DHCP response message; receiving a DNS request message, wherein the DNS request message is sent to a DNS server to look up the IP address for a domain name, and wherein the DNS request message is associated with a request message domain name; determining the request message domain name associated with the DNS request message, wherein determining includes evaluating content of the DNS request message; comparing the response message domain name associated with the DHCP response message with the request message domain name associated with the DNS request message; and routing the DNS request message, wherein the DNS request message is routed over a secure connection to the DNS server in the private network associated with the DHCP response message when the request message domain name associated with the DNS request message matches the response message domain name associated with the DHCP response message.