Lock-free updates to a domain name blacklist

摘要

A computer-implemented method updates a domain name system blacklist in a lock-free manner is disclosed. In the method, an entry of the domain name blacklist is read at a DNS resolver in a plurality of DNS resolvers. The entry specifies a policy for the DNS resolver to execute when the DNS resolver receives a request to resolve a domain name. Before the reading is complete, an updated entry of the domain name blacklist is received, a new record to the domain name blacklist is added, and the entry being read is placed into a garbage pool having a current version number. Independently from the reading of the entry, the current version number is incremented and a new garbage pool is created for the incremented version number. When the reading is complete, the current version number is assigned to the DNS resolver.

主权项

1. A computer-implemented method for lock-free updates to a domain name system blacklist, comprising:
(a) reading, at a DNS resolver in a plurality of DNS resolvers, an entry of the domain name blacklist, the entry specifying a policy for the DNS resolver to execute when the DNS resolver receives a request to resolve a domain name; before the reading is complete: (b) receiving an updated entry of the domain name blacklist; (c) adding a new record to the domain name blacklist; (d) placing the entry being read into a garbage pool having a current version number; independently from the reading (a): (e) incrementing the current version number; (f) creating a new garbage pool for the incremented version number; and (g) when the reading is complete, assigning the current version number to the DNS resolver.