As is well known, websites available via the Internet are accessed using a domain name entered by a user. To enable a user's computing system to access the website, a conversion of the user-entered domain name to an Internet protocol (IP) address occurs. In general, this translation between domain name and IP address occurs in a manner provided for by the domain name system (DNS), which is a globally distributed system that provides for allocation of IP addresses to service providers, who in turn can provide particular addresses to their customers to use as addresses to web servers and other resources.
To enable the resolution of a domain name, which can be in the form of a fully qualified domain name (FQDN), namely a full domain name such as www.example.com, a request can be issued from a user's system to a DNS entity to request a corresponding IP address for a given domain name. DNS entities are arranged in a cascaded manner, from top-level entities to lower-level entities. While a single authoritative nameserver includes a forward zone record that provides this translation, various DNS caching entities may exist to cache this forward zone record in a variety of locations, to enable faster access to the information.
A current trend in information technology is the push towards cloud computing, in which businesses and other entities access various products and services remotely, e.g., via the Internet. To this end, infrastructure providers such as cloud service providers have massive data centers that provide a variety of computing resources that can be allocated to customers in a flexible manner. Some providers have certain resources that are dedicated to particular customers, and other so-called cloud resources that can be dynamically allocated to customers for limited time periods.
With the push towards cloud computing, various products and services that were historically purchased and/or licensed to particular users are now being offered in a service-oriented architecture (SOA) by these cloud service providers.
One such service is a cloud DNS service, which generally provides the ability for a customer to manage a forward zone, which is a record that identifies an IP address for a domain name (specifically an FQDN) that the customer owns. In addition to forward zone records, reverse zone records also exist. A reverse zone is a record that identifies an FQDN for a given IP address. Before allowing a customer the ability to edit reverse zones, an infrastructure provider (who owns the authoritative nameserver for its IP addresses/reverse zones) typically performs some type of authentication process, such as determining which IP addresses are assigned to which customers, and which FQDNs are owned/managed by each customer. Information regarding which FQDNs are owned/managed by a customer is generally distributed in a DNS service, as domains can be used for a variety of endpoints (e.g., web site, load balancer, server, etc.). With distributed forward zone management, the DNS service is typically the central service that stores FQDNs assigned per customer.
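The two checks described above (is the IP address assigned to this customer, and does this customer own the target FQDN) can be sketched as follows. This is an added example, not part of the original text and not any provider's implementation; the customer identifiers, address blocks, zone names and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data (assumptions, not from the page): the IP blocks the
# provider has assigned to each customer, and the forward zones each manages.
ASSIGNED_BLOCKS = {
    "cust-a": [ipaddress.ip_network("192.0.2.0/28")],
    "cust-b": [ipaddress.ip_network("192.0.2.16/28"),
               ipaddress.ip_network("2001:db8:b::/48")],
}
OWNED_ZONES = {
    "cust-a": ["example.com"],
    "cust-b": ["example.net"],
}


def fqdn_in_zone(fqdn: str, zone: str) -> bool:
    """True if fqdn is the zone apex or a name below it.

    Compares whole labels, so "evil-example.com" does not match "example.com"
    the way a plain string suffix test would.
    """
    name = fqdn.rstrip(".").lower().split(".")
    apex = zone.rstrip(".").lower().split(".")
    return len(name) >= len(apex) and name[-len(apex):] == apex


def authorize_ptr_edit(customer: str, ip: str, target_fqdn: str):
    """Return (allowed, reverse_name, reason) for a requested reverse-zone edit."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False, None, "invalid IP address"
    # Name of the reverse record, e.g. 5.2.0.192.in-addr.arpa (ip6.arpa for IPv6).
    reverse_name = addr.reverse_pointer
    # Check 1: the IP must be assigned to the requesting customer.
    if not any(addr in net for net in ASSIGNED_BLOCKS.get(customer, [])):
        return False, reverse_name, "IP not assigned to customer"
    # Check 2: the target name must sit in a forward zone the customer manages.
    zones = OWNED_ZONES.get(customer, [])
    if not any(fqdn_in_zone(target_fqdn, z) for z in zones):
        return False, reverse_name, "FQDN not owned by customer"
    return True, reverse_name, "ok"
```

Both lookups default to an empty list for an unknown customer, so a request from an identifier with no assignments is denied rather than raising.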
For various infrastructure providers, IP address assignment and management is often not distributed because every product or service of the provider that uses an IP address would need to integrate with the distributed service to provide for a singular interface for customers to manage reverse zones. Instead, many cloud service providers assign IP address blocks to individual services to prevent having to create and integrate a distributed IP address management service, as creating a new service is costly.