发明名称 |
Lock-free updates to a domain name blacklist |
摘要 |
A computer-implemented method updates a domain name system blacklist in a lock-free manner is disclosed. In the method, an entry of the domain name blacklist is read at a DNS resolver in a plurality of DNS resolvers. The entry specifies a policy for the DNS resolver to execute when the DNS resolver receives a request to resolve a domain name. Before the reading is complete, an updated entry of the domain name blacklist is received, a new record to the domain name blacklist is added, and the entry being read is placed into a garbage pool having a current version number. Independently from the reading of the entry, the current version number is incremented and a new garbage pool is created for the incremented version number. When the reading is complete, the current version number is assigned to the DNS resolver. |
申请公布号 |
US9264399(B1) |
申请公布日期 |
2016.02.16 |
申请号 |
US201514829103 |
申请日期 |
2015.08.18 |
申请人 |
Farsight Security, Inc. |
发明人 |
Schryver Vernon |
分类号 |
G06F15/16;H04L29/12 |
主分类号 |
G06F15/16 |
代理机构 |
Sterne, Kessler, Goldstein & Fox P.L.L.C. |
代理人 |
Sterne, Kessler, Goldstein & Fox P.L.L.C. |
主权项 |
1. A computer-implemented method for lock-free updates to a domain name system blacklist, comprising:
(a) reading, at a DNS resolver in a plurality of DNS resolvers, an entry of the domain name blacklist, the entry specifying a policy for the DNS resolver to execute when the DNS resolver receives a request to resolve a domain name; before the reading is complete: (b) receiving an updated entry of the domain name blacklist; (c) adding a new record to the domain name blacklist; (d) placing the entry being read into a garbage pool having a current version number; independently from the reading (a): (e) incrementing the current version number; (f) creating a new garbage pool for the incremented version number; and (g) when the reading is complete, assigning the current version number to the DNS resolver. |
地址 |
San Mateo CA US |