1. Field of the Invention
The present invention relates generally to identifying various types of communication traffic and controlling movement of that traffic within a communications network. More specifically, the present invention relates to systems and methods for identifying protocols associated or intended to be associated with a particular communication, and providing services, such as redirection services, based on the type of protocol. The systems and methods rely, in part, on the ability to identify or predict particular protocols based on hostnames, and to redirect certain communications, but not others, based on the protocol associated with the communication.
2. Background of the Invention
One power of the Internet is the ability to connect two computers in geographically distant areas. Often, a computer user knows the precise IP Address of a computer with which he would like to connect. In such a situation, the user will submit the IP Address to the Internet infrastructure, and be connected directly to the desired computer.
Typically, however, computer users do not know the actual IP Address of the computer they wish to contact. Rather, they know the name, in a human language, of the web page or e-mail address they wish to contact. In such a situation, they cannot connect directly to the computer of interest, but must rely on the network or Internet infrastructure to provide them the correct IP Address and make a connection to the target computer using a search and connect strategy.
In general, under such circumstances, information is transmitted through computer systems, such as networks and the Internet, from one user to another by way of a series of designated transfer point computers referred to as servers. The key server type in transmittal of information through networks is the domain name system server, or DNS server (used as an abbreviation for both the singular and plural).
There are two main types of DNS servers: authoritative DNS and caching/recursive DNS. Authoritative DNS servers contain, among other things, a mapping of host names (typically human recognizable character strings) and Internet Protocol (IP) Addresses within their own particular domains. They supply a specific IP Address of a computer in their domain upon request from another computer (their client) in order to enable one computer to contact another. In contrast, caching/recursive DNS servers do not initially know IP Addresses of specific users' computers. Rather, caching/recursive DNS servers know how to find Authoritative DNS servers that have the name-to-IP-Address mapping data. When a caching/recursive DNS server receives a request for an IP Address from a client, it contacts Authoritative DNS servers to identify the specific Authoritative DNS that knows the particular IP Address of interest to its client. Upon identifying the proper Authoritative DNS servers, the caching/recursive DNS server contacts one or more of those, and obtains the IP Address of interest.
The caching/recursive DNS server then returns the IP Address to its client so that a connection between the client and the computer at that IP Address can be made.
In a common scenario, the user types into the Internet browser resident on his personal computer a particular web site of interest in the form of a Uniform Resource Locator (URL; e.g., hypertext transfer protocol-colon-double slash-www-dot-paxfire-dot-com). The browser on the user's computer sends a request to a caching/recursive DNS server (typically a DNS owned and/or operated by his ISP; also referred to herein simply as a DNS server) to convert the host/domain name to an IP Address for it. The caching/recursive DNS server, if it knows this information from a previous lookup (hence the term “caching” is used), will supply it to the user's browser, and a connection between the two computers is made. If it does not know this information, it makes a request to an Authoritative DNS server to begin the process of querying authoritative servers for the IP Address information. Typically, the first Authoritative DNS queried is at the root level (also referred to as a “root DNS”) to begin the process of locating the Authoritative DNS server for the requested hostname/domain name. The root DNS servers contain a list (mapping) of which top-level domains exist, and the IP Addresses of the Authoritative DNS servers for each domain (example: .com). Once the caching/recursive server knows the IP Address of the top-level domain server, it contacts it directly to query about the hostname/domain name that it is looking for. The top-level domain server will respond to the query with a pointer to the second-level DNS servers that are authoritative for that domain, if it exists. The caching/recursive DNS server then queries the second-level DNS server that is authoritative for that domain for the IP Address of the hostname/domain name it is looking for, and if it exists, the server will respond with one or more valid IP Addresses to the request. 
If at any time an Authoritative server in the resolution path determines that the requested hostname/domain name does not exist, that Authoritative DNS informs the caching/recursive DNS server that the requested information does not exist, and this result is typically passed back to the user's browser. If the requested IP Address exists for the hostname/domain name, the caching DNS server then passes the IP Address down to the user's browser, and a connection is made between the two computers.
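The resolution path described above can be traced in a small simulation. This is an added example, not part of the original text; the server names, the delegation tables and the address 192.0.2.10 are constructed for illustration, and only existing answers are cached.

```python
# Constructed delegation data (all names and addresses are made up).
ROOT = {"com": "tld-com"}                             # root: TLD -> TLD server
SERVERS = {
    "tld-com": {"paxfire.com": "ns-paxfire"},         # TLD: domain -> second-level server
    "ns-paxfire": {"www.paxfire.com": "192.0.2.10"},  # authoritative: host -> IP
}


class CachingResolver:
    """Caching/recursive server: answers from cache or walks the hierarchy."""

    def __init__(self):
        self.cache = {}     # hostname -> IP Address from a previous lookup
        self.contacted = [] # upstream servers queried, in order

    def resolve(self, hostname):
        hostname = hostname.lower().rstrip(".")
        if hostname in self.cache:          # known from a previous lookup
            return self.cache[hostname]
        answer = self._walk(hostname)
        if answer is not None:
            self.cache[hostname] = answer
        return answer                       # None means "does not exist"

    def _walk(self, hostname):
        labels = hostname.split(".")
        self.contacted.append("root")
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:              # root: no such top-level domain
            return None
        self.contacted.append(tld_server)
        auth = SERVERS[tld_server].get(".".join(labels[-2:]))
        if auth is None:                    # TLD server: no such domain
            return None
        self.contacted.append(auth)
        return SERVERS[auth].get(hostname)  # authoritative answer or None


if __name__ == "__main__":
    r = CachingResolver()
    print(r.resolve("www.paxfire.com"), r.contacted)
    print(r.resolve("www.paxfire.com"), r.contacted)  # second call hits the cache
```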
Use of IP Addresses as the common mode of identification of the various computers on the Internet provides a basic communication system upon which multiple different types of communication protocols can be layered. For example, communication protocols such as TCP, UDP, HTTP, HTTPS, and FTP can be used to specify transfer of certain information from one computer to another, where those computers are linked to each other based on their respective IP Addresses. Because the Internet IP routing infrastructure deals only with IP Addresses, the main function of a DNS server is to translate a hostname into an IP Address. One result of the layering effect and the function of DNS servers is that a DNS server does not know the type of higher-layer protocol used in any particular communication. Rather, it merely searches for a hostname within the communication it receives, and converts the hostname into an IP Address.
For example, if a user were to type in hypertext transfer protocol-colon-double slash-www-dot-paxfire-dot-com-slash-index-dot-html, the DNS server would receive only the hostname part of the URL: www.paxfire.com. Its job is to turn that hostname into a valid IP Address, and provide that IP Address to the requesting computer. Once that IP Address were known, the requesting computer would initiate a TCP connection and use the HTTP protocol in that connection with the Paxfire computer at the IP Address supplied, and request the file index.html. Likewise, if a user were to type in file transfer protocol-colon-double slash-www-dot-paxfire-dot-com-slash-index-dot-html, the DNS server would still only receive the hostname www.paxfire.com and attempt to obtain a valid IP Address, and provide that IP Address to the requesting computer. Once that IP Address were known, the requesting computer would initiate an FTP connection with the Paxfire computer at the IP Address supplied, and request the file index.html.
While the IP Address protocol system of the Internet provides a uniform protocol for connecting computers on the Internet, because DNS servers only receive hostnames to translate into IP Addresses, they cannot segregate communication requests based on the identity of the higher-level protocols desired. Thus, the common implementation of DNS does not provide the ability to control traffic based on the type of higher-level protocol being used. This shortcoming results in miscommunications and lost time, effort, and money.
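The point can be checked at the wire level. The following added example (not part of the original text) builds the standard DNS query message for the HTTP and FTP forms of the URL discussed above and shows that the two messages are byte-for-byte identical; the fixed query ID is an assumption made so the messages can be compared, whereas real resolvers randomize it.

```python
import struct
from urllib.parse import urlsplit


def encode_qname(hostname):
    """Encode a hostname as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in hostname.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("invalid label length: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(url, query_id=0x1234):
    """Build the A-record query sent to the DNS server for this URL."""
    host = urlsplit(url).hostname   # scheme and path are discarded here
    if host is None:
        raise ValueError("URL has no hostname: %r" % url)
    # Header: ID, flags (recursion desired), 1 question, 0 other records.
    header = struct.pack("!HHHHHH", query_id, 0x0100, 1, 0, 0, 0)
    question = encode_qname(host) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    return header + question


def parse_question(message):
    """Recover (hostname, qtype, qclass), which is all the server can see."""
    pos, labels = 12, []            # the question starts after the 12-byte header
    while message[pos] != 0:
        length = message[pos]
        labels.append(message[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", message[pos + 1:pos + 5])
    return ".".join(labels), qtype, qclass


if __name__ == "__main__":
    http_q = build_query("http://www.paxfire.com/index.html")
    ftp_q = build_query("ftp://www.paxfire.com/index.html")
    print(http_q == ftp_q, parse_question(http_q))
```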
Thus, there exists a need in the art for systems and methods for identifying, determining, or predicting the type of higher-level protocol being used in a particular Internet communication, and using this information to control communication traffic.