1. The Field of the Invention
The present invention relates to computer networks and is more particularly related to a system for registration of data, such as Internet Protocol (IP) addresses, in compliance with a dynamic Domain Naming System (DNS) convention. The invention minimizes traffic between client computers and DNS server computers while minimizing incremental zone transfer network traffic between DNS server computers.
2. The Prior State of the Art
Increasingly, client computer-server computer computing has become a normal trend for the delivery of computational services. A server computer will have a desired application and a client computer will have software component capable of accessing the server computer for the desired services. This may take place over a communications network, such as an Ethernet Local Area Network (xe2x80x9cLANxe2x80x9d), or it may occur over a more direct connection through a modem. In either case, the bulk of the computing is provided by the server computer or server computer application and the results are communicated to the client computer portion or client computer application that will then display the results for the user.
It becomes a somewhat difficult process in many instances to anticipate adequate resources for running the server computer application for a certain level of load created by a particular number of users desiring the services provided by the server computer application. The resources used are typically hardware resources, such as CPU time, network bandwidth, disk and memory usage, etc., but may also include software component resources, such as operating system facility usage.
It is important to anticipate adequate resources for the server computer application in order to reduce frustration on the part of the user and to allow the client computer-server computer software component to work most effectively. One of the most common user frustrations is having an unusually long delay in receiving the results of the services provided by the service application or simply not having the server computer application available to provide the desired services, both due to inadequate hardware and system resources. Furthermore, actual errors in the services provided may occur due to the lack of resources available for running the server computer application.
Increasingly, client computers and server computers are standardizing in the way that they communicate, particularly in view of the advances in use and exploitation of the Internet. Of the many areas of standardization, one example is in Internet machine addressing protocol, which is directed towards the reality that computers and people don""t remember address information in the same way. While people remember address names with words, computers remember and store information, including address names, numerically. To help people and computers communicate, a translation program is need to translate address names expressed in words into address names expressed in numbers, and vice a versa. In order for a computer to find a specific resource on the Internet, such as a document, a Universal Resource Locator (URL) is used as the address for the document. A person wanting to locate the document enters the words of the URL on a computer that is in communication with the Internet. The computer identifies server computers, including itself, with an IP address that is numerically expressed.
The Microsoft Corporation has in the past produced computer networking software components that perform the registration of IP addresses using the Windows Internet Naming Service (WINS). WINS could be used to translate names expressed in words into names expressed in numbers, and vice a versa. In this way, WINS could be used to use to automatically publish machine name IP addresses. Translation software fundamentally is used to translate text names of server computers into the numeric names that computers recognize, which is then published as IP addresses so that server computers located on geographically disbursed computer networks, such as the Internet, can find one another.
The WINS server computer method is a method for automatic registration of machine host names and IP addresses that is handled through a WINS protocol and server computer. As a machine gets a new IP address, the address information is put on a WINS server computer. When the database of a WINS server computer is relatively small, the WINS server computer is relatively easy to use and maintain. The WINS server computer, however, is disadvantaged in that it does not scale very well since the namespace of the database thereof is flat and cannot be partitioned.
A more common server computer than a WINS server computer is a Domain Naming System (DNS) server computer. DNS is a general-purpose distributed database for storing of DNS data that is published by software entities. Although there are many uses for a DNS system and the general-purpose nature of the DNS database, such as its use as a mechanism for client-server rendezvous, one popular use is xe2x80x9cname to address translationxe2x80x9d, or the act of converting human-friendly names into machine-friendly addresses. DNS is also used for address-to-name translation of the taking of an IP address and finding out the name associated with it. Computers and other resources having an Internet presence use DNS to provide a textually expressed name. In addition to the responsibility of DNS for converting machine names into IP addresses and vice versa, DNS also coordinates IP addressing in the vast and distributed database that is representative of all published machines.
WINS differs from standard DNS in two significant ways. Standard DNS information for a particular domain is configured through static configuration files. That is, the files must be updated by hand for the most part. The standard WINS information database is built dynamically without human intervention, although static records can also be added to the WINS database by manually entry. A WINS client computer will register its name with the WINS server computer when it boots. As long as the name is not already in use, the WINS server computer will allow the client computer to use that name.
WINS and DNS interface in a methodology knows as WINS Referral that functions on DNS server computers. In WINS Referral, queries are made by a client computer for a name and if the name is not found in the DNS database, then the query is referred instead to WINS. The WINS Referral methodology then determines if the queried name is in WINS or not. If the queried name is found in WINS, then the answer to the query is returned first back to DNS and then back to the client.
WINS and standard DNS are used to resolve different types of services. DNS is used to resolve service types like HTTP for web access, or FTP for file transfer, or POP for mail transfer, or TELNET for terminal access. WINS name resolution is used to resolve names of NETBIOS services. Some NETBIOS services include, for example, the ability to share directories and printers.
One of the many goals of DNS is to provide access to DNS data that is useable by computers connected on networks, called hosts. The terms host and client computer are used interchangeably herein. One example of this goal is the DNS mechanism for naming resources in such a way that the names are usable in different hosts, networks, protocol families, internets, and administrative organizations.
The DNS distributed general-purpose database is partitioned into zones. Each zone is hosted by a DNS server. In general, no single DNS server holds a copy of the entire DNS database. The database consists of records, where each record has five parts. The five parts of each DNS record are the Name, Time To Live, Class, Type, and Data. For the purposes of this present application, only the Name, the Type and the Data will be discussed. The Names in the DNS records form a hierarchy or tree. An example record type is the Host record, which is an xe2x80x9cA recordxe2x80x9d. The Name corresponds to the name of a host on the network, and the Data corresponds to the IP address of that host.
A record set consists of all the records for a given Name and Type. For example, the xe2x80x9cA record setxe2x80x9d for a given host name consists of all the IP addresses associated with that host, where there is one xe2x80x9cA recordxe2x80x9d per IP address.
A DNS server may load one or more zones, and a DNS server that loads a zone is said to be Authoritative for the names in that zone. A zone may be copied to one or more servers for fault tolerance and load balancing. The act of replicating a zone from one server to another is called Zone Transfer. A single copy of the zone is identified as the Master copy of the zone, and all subsequent copies of the zone are Slave copies. Changes to the zone can only be made on the DNS server that holds the Master copy of the zone. There are some configurations, however, where there may be more than one Master copy of a given zone.
The xe2x80x9ctopxe2x80x9d or beginning of a zone is indicated by a Start of Authority (xe2x80x9cSOA recordxe2x80x9d) record. The Name of the SOA record is the name of the zone. The Data of the SOA record includes the DNS name of the master server for the zone and a serial number value that indicates the current version of the zone. One or more Name Server (xe2x80x9cNS recordxe2x80x9d) records of the same Name always accompany an SOA record. The Data of the NS records includes the names of all the servers that are authoritative for the zone.
There are three major components of the DNS system including the Domain Name Space, Resource Records, Name servers, and Resolvers. The Domain Name Space and Resource Records are specifications for a tree structured name space and data associated with the names. Conceptually, each node and leaf of the Domain Name Space tree names a set of information, and query operations are attempts to extract specific types of information from a particular set of information. A query names the domain name of interest and describes the type of resource information that is desired. For example, the Internet uses some of its domain names to identify hosts. Queries for address resources return Internet host addresses. The Domain Name Space is a tree structure. Each node and leaf on the tree corresponds to a resource set. The domain name of a node is the list of the labels on the path from the node to the root of the tree. All domain names end at the root. A domain name has labels that are separated by dots (xe2x80x9c.xe2x80x9d). A complete domain name ends with the root label. A domain is identified by a domain name, and consists of that part of the domain name space that is at or below the domain name which specifies the domain. A domain is a subdomain of another domain if it is contained within that domain. A domain name identifies a node. Each node has a set of resource information, which may be empty.
Name servers are server computer software components that hold information about the domain tree""s structure and set information. Stated otherwise, name servers are the repositories of information that make up the domain database. As mentioned above, the DNS database is partitioned into zones, each of which is hosted by a DNS server computer. The zones are distributed among the name servers. The essential task of a name server is to answer queries using data in its zones. Name servers can answer queries in a simple manner. The response can always be generated using only local data, and either contains the answer to the question or a referral to other name servers xe2x80x9ccloserxe2x80x9d to the desired information. Name servers manage data that is held in zones. Each zone is the complete database for a particular xe2x80x9cprunedxe2x80x9d subtree of the domain space. This data is called Authoritative. In contrast, a DNS server that loads the zone is said to be Authoritative for the names in that zone. A name server periodically checks to make sure that its zones are up to date, and if not, obtains a new copy of updated zones from master files stored locally or in another name server.
A host can participate in the domain name system in a number of ways, depending on whether the host runs programs that retrieve information from the domain system, name servers that answer queries from other hosts, or various combinations of both functions. A common DNS configuration is seen in FIG. 1 in which user programs interact with the domain name space through resolvers. From the user""s point of view, domain names are useful as arguments to a local agent, which called a resolver, which retrieves information associated with the domain name. Thus a user might ask for the host address by an appropriate query type that is then passed to the resolver with the domain name. To the user, the domain tree is a single information space.
The information flow shown in FIG. 1 illustrates a host supporting various aspects of the domain name system, where a cache holds domain space data for the nearby or xe2x80x9ctoeholdxe2x80x9d name server and the local resolver. As is illustrated in FIG. 1, the DNS system is constructed of three parts: a resolver, a xe2x80x9ctoeholdxe2x80x9d DNS server, and one or more foreign DNS servers. The resolver associated with a local host store the IP addresses of one or more xe2x80x9ctoeholdxe2x80x9d DNS servers, where typically the toehold server is nearby in a communications network or physical sense. The resolver then send queries to the toehold server for which the resolver has an IP address, and the toehold servers answers the query from its authoritative data, or out of its associated cache, or by recursively querying one or more foreign servers for an answer to the query. The contents of the cache will typically be a mixture of authoritative data maintained by the periodic refresh operations of the name server from previous resolver requests. The structure of the domain data and the necessity for synchronization between name servers and resolvers imply the general-characteristics of the cache.
The format of user queries and user responses is specific to the host and its operating system. User queries will typically be operating system calls, and the resolver will be part of the host operating system. Less capable hosts may choose to implement the resolver as a software component subroutine to be linked in with every software component that needs its services.
A local resolver, which is illustrated by way of example in FIG. 1, is a software component that extracts information from name servers in response to client computer requests. A resolver must be able to access at least one name server and use that name server""s information to answer a query directly, or pursue the query using referrals to other name servers. From the resolver""s point of view, the database that makes up the domain space is distributed among various name servers. The resolver starts with knowledge of at least one name server. When the resolver processes a user query it asks a known name server for the information. In return, the resolver either receives the desired information or a referral to another name server.
Resolvers answer user queries with information they acquire via queries to foreign name servers. The resolver may have to make several queries to several different foreign name servers to answer a particular user query, and hence the resolution of a user query may involve several network accesses and an arbitrary amount of time. The queries to foreign name servers and the corresponding responses have a DNS standard format.
Depending on its capabilities, a name server could be a stand alone program on a dedicated machine or a process or processes on a large timeshared host. As seen in FIG. 1, a primary name server acquires information about one or more zones by reading zone files from its local file system, and answers queries about those zones that arrive from foreign resolvers.
The DNS allows that zones be redundantly supported by more than one name server. Designated secondary servers can acquire zones and check for updates from the primary server using the zone transfer protocol of the DNS. In FIG. 1, the name server periodically establishes a virtual circuit to a foreign name server to acquire a copy of a zone or to check that an existing copy has not changed. The messages sent by messaging for these maintenance activities follow the same form as queries and responses, but the message sequences are somewhat different.
In general, a network administrator is charged with maintaining a database. In the task of manually maintaining a zone by a network administrator, part of the job is to maintain the zones at all of the name servers which are authoritative for the zone. When the inevitable changes are made, they must be distributed to all of the name servers. Stated otherwise, a change must be distributed to all servers that load the zone affected by the change.
The general model of automatic zone transfer or refreshing is that one of the name servers is the master or primary for the zone. Changes are coordinated at the primary name server, typically by editing a master file for the zone. After editing, the administrator signals the master server computer to load the new zone. The other non-master or secondary server computers for the zone periodically check for changes, at a selectable interval, and obtain new zone copies when changes have been made.
To detect changes, secondary servers just check a serial number of the SOA for the zone. The serial number in the SOA of the zone is always advanced whenever any change is made to the zone. The purpose is to make it possible to determine which of two copies of a zone is more recent by comparing serial numbers. If the serial field in the secondary server""s zone copy is equal to the serial returned by the primary, then no changes have occurred. When the poll shows that the zone has changed, then the secondary server computer must request a zone transfer via a request for the zone. The request is answered by a sequence of response messages. The first and last messages must contain the data for the top authoritative node of the zone. Intermediate messages carry all of the other record sets from the zone, including both authoritative and non-authoritative record sets. The stream of messages allows the secondary server computer to construct a copy of the zone.
In DNS, a given name server will typically support one or more zones, but this gives it authoritative information about only a small section of the domain tree. The name server marks its responses to queries so that the requester can tell whether the response comes from authoritative data or not. A particular name server has complete information about a subset of the domain space, and pointers to other name servers that can be used to lead to information from any part of the domain tree. Name servers know the parts of the domain tree for which they have complete information. From a name server""s point of view, the domain system consists of zones that are separate sets of local information. The name server has local copies of some of the zones. The name server must periodically refresh its zones from master copies in local files or foreign name servers. The name server must concurrently process queries that arrive from resolvers.
The authoritative server computers for a zone are enumerated in the NS records for the origin of the zone, which, along with a SOA record are the mandatory records in every zone. Such a server computer is authoritative for all resource records in a zone that are not in another zone. A server computer for a zone should not return authoritative answers for queries related to names in another zone unless it also happens to be a server computer for the other zone.
DNS has been designed such that a consistent name space is used for referring to resources. All DNS data associated with a name is tagged with a type and queries can be limited to a single type or can be directed to retrieve all types for a given name. Query operations, as discussed above, are initiated by queries. Queries are messages which may be sent by messaging to a name server to provoke a response. The response by the name server either answers the question posed in the query, refers the requester to another set of name servers, or signals some error condition.
Traditionally, records in a DNS database of a DNS server computer were manually configured through editing of zone files. Then, the Zone Transfer mechanism was used to replicate zones between server computers. As such, entry of data could be at only one location. This type of manual entry is generally too intense in that DNS data that changes often is hard to manage and inefficient because it involved editing a file directly and reloading the server. A more efficient method would involve a method in the protocol itself for dynamically updating the database. Of the many examples of data in a DNS database that can be published dynamically, one example is IP addresses in the DNS database.
As used herein, the term xe2x80x9cRFC 1034xe2x80x9d refers to the Network Working Group Request For Comments No. 1034 titled xe2x80x9cDomain Namesxe2x80x94Concepts and Facilitiesxe2x80x9d, published by Information Sciences Institute (ISI) of the University of Southern California in November, 1987, which is incorporated herein by reference.
As used herein, the term xe2x80x9cRFC 1035xe2x80x9d refers to the Network Working Group Request For Comments No: 1035 titled xe2x80x9cDomain Namesxe2x80x94Implementation and Specificationxe2x80x9d published by published by Information Sciences Institute (ISI) of the University of Southern California in November, 1987, which is incorporated herein by reference.
As used herein, the term xe2x80x9cRFC 1995xe2x80x9d refers to the Network Working Group Request For Comments No. 1995 titled xe2x80x9cIncremental Zone Transferxe2x80x9d authored by M. Ohta of the Tokyo Institute of Technology and published in August 1996, which is incorporated herein by reference.
As used herein, the term xe2x80x9cRFC 2136xe2x80x9d refers to the Network Working Group Request For Comments No. 2136 titled xe2x80x9cDynamic Updates in the Domain Name System (DNS UPDATE)xe2x80x9d, category: Standards Track, edited by P. Vixie, and authored by S. Thomson, Y. Rekhter, and J. Bound, and published in April, 1997, which is incorporated herein by reference.
Internet Protocols RFCs 1034 and 1035, as modified by RFC 2136, indicate a way in which DNS entries can be updated dynamically. The Internet Protocol RFC 2136 describes an on-the-wire protocol for being able to send updates to a particular server computer. Using RFC 2136, it is possible to add or delete data from a specified zone, such as IP address records. In RFC 2136, messages can be transmitted in messaging routine, such as an update message. Some messages can have prerequisites while other messages need not have prerequisites. When an update message does contain a prerequisite, an update is not made to a zone until the prerequisite is first met, i.e., all prerequisites must be satisfied or else no update operations will take place. A prerequisite is a messaging component that is sent from a client computer to another server computer that does not contain an update to the zone, but rather examines a record or record set of any type whose name falls within the zone. One such examination of the prerequisite component is that of the IP address records held by the server computer. The prerequisite can ask the previous existence or non-existence within the server computer""s database of one or more names or record sets.
In network communications, it is desirable to decrease use of bandwidth, lower network traffic, and thereby potentially increase responsiveness. Dynamic updates can cause excessive zone transfers which are an inefficient use of bandwidth. In the past, changes to the DNS database were made using a full zone transfer mechanism in which the entire zone file would be replaced if any or the entire zone had changed. When two server computers communicate, they replicate the entire zone if any portion of a zone is different.
Traditional DNS replication transfers an entire zone of record sets from one server computer to another even if only one record is changed. As such, many record sets in a zone are replicated from server computer to server computer whenever the smallest portion of a record within the zone changes. Full zone transfer of replication data generates a large amount of network communications traffic.
In full zone transfer, a first server computer has a set of records that a are bundled together in a zone and a second server computer has a copy of the zone. Periodically, the first server computer examines a serial number of the zone on the first server computer that is indicative of the version of that zone. The purpose of the examination is to make sure that the first server computer has a zone with an up to date version number. If the second server computer has a version number is smaller than the first server""s version number, as is indicated by a serial of the zone of the second computer, then the second server computer initiates a copy of the entire zone from the first server computer to the second server computer.
To make changes to the DNS database more efficient, Incremental Zone Transfer was specified in RFC 1995. RFC 1995 proposes a more efficient mechanism, as it transfers only the changed portion(s) of a zone between DNS servers. RFC 1995 is helpful to minimize the traffic between server computers. If a first server computer,-which likely has an older version of a zone, thinks it needs new information about the zone, it sends a message to a second server computer containing it an age representation code of its, presumably outdated, copy of the zone. The second server computer receives the request with the outdated aging code, and therefore then knows to send back to the first server computer an update containing each change to the zone that second server computer has that the first server computer does not have. As such, the second server computer sends to the first server computer only those changes that are required to make the first server computer""s version of the zone current.
In Incremental Zone Transfer, a secondary name server requests an Incremental Zone Transfer and a primary or secondary name server responds to the request. As such, RFC 1995 implements Incremental Zone Transfer as a DNS server computer-to-DNS server computer mechanism to replicate DNS database information. As specified in RFC 1995, an one server sends an IXFR message containing the SOA serial number of its copy of a zone to another server. When an IXFR request with an older version number is received, the next IXFR server computer needs to send only the differences required to make the first server""s version current. If, however, an IXFR query with the same or newer version number than that of the next server computer is received, it is indicative that the next server computer does not have a newer version than the first server, and that there is no need for an update to the first server computer""s DNS database. From this, it can be seen that the DNS update mechanism of RFC 1995 makes server computer-to-server computer DNS database updates more efficient than full zone transfers by transferring only portions of a zone that are needed to update the DNS database instead of a full zone data transfer.
While protocol RFC 1995 has reduced network traffic in communications between DNS server computers, it does not reduce communications between client computers and DNS server computers. Accordingly, there is a need to address the ubiquitous problem of client computer-server computer network traffic.
The inventive method reduces communications network traffic between a client computer and a DNS server computer, as well as between DNS servers. The requirements of Internet Protocols RFCs 1034, 1035, 1995, and 2136 are appropriated by the inventive method so as to realize the inherent benefits of interoperability with other networks similarly in compliance with these DNS protocols. The invention demonstrates a particular usage of protocol RFC 2136 that minimizes the amount of client to server traffic for dynamic update, while also minimizing the amount of corresponding RFC 1995 incremental zone transfer traffic.
The invention presents an Application Program Interface where a calling software entity indicates what it believes is the current state of a record set in the DNS database, and what it wants the final state of the record set to be after the call is complete. The method described in the invention then attempts to change the state of the database to the desired state while maintaining database consistency. If the current state of the database is different and conflicting with the calling software entity""s version of the current state, then the database is left unchanged and the calling software entity is notified. This prevents two unique callers from perpetually resetting the contents of a single record set.
During each update, the inventive method uses the dynamic update semantics in accordance with RFC 2136 where possible, in order to defeat systems where a passthrough to another database makes DNS appear to have authoritative data published when it in fact DNS does not have authoritative data published. An example of such a passthrough mechanism is the WINS Referral, discussed above, which is found on a number of DNS server implementations.
A practical implementation of the foregoing is the process of a host that periodically monitors DNS data maintained in a DNS database stored by a DNS server. This monitoring is simplified by a DNS formatted message that is transmitted by a messaging routine from the host to the DNS server. The transmitted record preferably incorporates a minimum amount of data so as to make a prerequisite comparison of the client data stored by the DNS server to that stored by the host. If there is a match, then the inventive method permits no update to the DNS server and the inventive method calls for no server computer-to-server computer replication of the client data. If the DNS server reports to the host that there is no match, then the host transmits another DNS formatted message requesting the client data stored by the DNS server. The DNS server then transmits the client data back to the host. The host then determines the minimum changes that can be made to that received data so that a match will be made to the client data stored by the host. Those minimum data are placed in one ore more DNS formatted messages and transmitted over the network to the DNS server computer for the update to its client data.
After the client data stored by the DNS server has been updated to match the client data stored by the host, the DNS server then replicates the changes to other DNS servers by transmitting only the minimum changes in accordance with RFC 1995. As such, server-to-server traffic is minimized. By using Internet community protocols, the invention provides to a large and diverse group of networked entities using the DNS database a worldwide and interoperable system that minimizes network traffic.
These and other features of the present invention will become more fully apparent from the following description and obtained by means of the instruments and combinations particularly pointed out in the appended claims, or may be learned by the practice of the invention as set forth hereinafter.