The present invention relates to computer systems and more particularly to techniques for resolving requests for domain name information using a recursive DNS nameserver.
The Domain Name System or Domain Name Service (DNS) is a system that stores information, such as Internet Protocol (IP) addresses, associated with domain names. Domain names are names assigned to a computer host or groups of computer hosts. Typically, a domain name is made up of alphabetic characters and is easier to remember than a numeric IP address assigned to a computer host. The computer host or groups of computer hosts often provide network services such as web servers, email servers, application servers, and the like, accessible using the domain name.
Whenever an application uses a domain name when requesting network services, a DNS nameserver receives the request and translates the domain name into the corresponding IP address. For example, the domain name “www.cnet.com” might translate to 216.239.115.141. For any group of computer hosts in the DNS system there is likely to be a single master list of domain names and associated IP addresses. The group of computer hosts is called a zone. A zone could be a generic top-level domain (gTLD), such as “com,” or a department within a company or university. Within the zone, DNS service for subsidiary zones may be delegated. The DNS nameserver that maintains the master list for the zone is said to have authority for that zone and is called an authoritative DNS nameserver.
Aside from an authoritative DNS nameserver, DNS nameserver functions are generally divided up into two elements: a nameserver and a resolver. The nameserver responds to DNS requests or queries by supplying domain name to IP address conversions. When the nameserver does not know the response to the request for domain name information, the resolver will ask another DNS nameserver, such as the authoritative DNS nameserver, for the information. Resolving usually entails recursing through several DNS nameservers, possibly until the root of the DNS name space is reached, to find the needed information. A recursive DNS nameserver typically is a computer system that processes DNS requests for domain names for which the recursive DNS nameserver is not authoritative.
FIG. 1 illustrates processing of a DNS request in the prior art. In this example, a user computer 105 makes a DNS request 110, for example for the IP address of the domain name “www.cnet.com,” to an Internet Service Provider (ISP) DNS nameserver 120. The ISP DNS nameserver 120 is part of a group of ISP DNS nameservers 115. The ISP DNS nameserver 120 typically is a recursive DNS nameserver and communicates with several upstream DNS nameservers (e.g., root DNS nameservers 130) to resolve DNS requests.
In general, the ISP DNS nameserver 120 attempts to resolve the DNS request 110 from information stored in a local cache, which may be a local cache shared by the group 115. The ISP DNS nameserver 120 maintains the local cache with domain name records that have already been resolved to improve performance in responding to subsequent DNS requests. A request for a domain name not contained in the local cache may result in overwriting of an existing cache entry, if the capacity of the local cache has been reached. One problem is that the size of the local cache for the group of ISP DNS nameservers 115 is generally too small compared to the size needed to store domain name information for all domains requested by computer hosts, such as the user computer 105. The benefit of having the local cache is lost when the user computer 105 makes requests for domain names from the ISP DNS nameservers 115, and the newly requested domain name records replace the domain name records in the local cache too quickly.
Another problem is that the ISP DNS nameservers 115 may not respect time-to-live information associated with a domain name record. The ISP DNS nameservers 115 can store a particular domain name record in the local cache for an extended time such that they respond to the user computer 105 with a stale or incorrect IP address for the requested domain. Additionally, the ISP DNS nameservers 115 can increase network traffic and reduce server response time by deleting or replacing the particular domain name record in the cache before such action is needed. The ISP DNS nameservers 115 then make unnecessary requests to other DNS nameservers for information that would otherwise be in the local cache.
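The two cache problems described above can be reproduced with a small model. This is an added example, not part of the original text: a bounded least-recently-used cache for a recursive nameserver that can either honor or ignore the TTL. The class and function names, the example.test domain names, and the 192.0.2.x addresses are constructed for illustration.

```python
from collections import OrderedDict

class ResolverCache:
    """Model of a recursive nameserver's bounded local cache (LRU eviction)."""

    def __init__(self, capacity, honor_ttl=True):
        self.capacity = capacity
        self.honor_ttl = honor_ttl
        self.entries = OrderedDict()      # name -> (ip, expires_at)
        self.upstream_queries = 0         # requests sent to other nameservers

    def resolve(self, name, now, authoritative):
        """Return (ip, source) for `name` at time `now` in seconds."""
        hit = self.entries.get(name)
        if hit is not None:
            ip, expires_at = hit
            if not self.honor_ttl or now < expires_at:
                self.entries.move_to_end(name)
                return ip, "cache"
            del self.entries[name]        # record outlived its TTL
        ip, ttl = authoritative[name]     # stands in for the upstream lookup
        self.upstream_queries += 1
        if len(self.entries) >= self.capacity:
            self.entries.popitem(last=False)   # evicted before its TTL ran out
        self.entries[name] = (ip, now + ttl)
        return ip, "upstream"

def stale_answer_demo():
    """Host moves to a new address; compare answers after the TTL expires."""
    zone = {"www.example.test": ("192.0.2.10", 300)}   # constructed record
    honoring = ResolverCache(8, honor_ttl=True)
    ignoring = ResolverCache(8, honor_ttl=False)
    for cache in (honoring, ignoring):
        cache.resolve("www.example.test", 0, zone)
    zone["www.example.test"] = ("192.0.2.99", 300)     # administrator updates IP
    return (honoring.resolve("www.example.test", 301, zone),
            ignoring.resolve("www.example.test", 301, zone))

def thrash_demo(capacity, names=4, rounds=5):
    """Cycle through `names` domains; return how many upstream queries result."""
    zone = {f"host{i}.example.test": (f"192.0.2.{i + 1}", 3600)
            for i in range(names)}
    cache = ResolverCache(capacity)
    now = 0
    for _ in range(rounds):
        for name in zone:
            cache.resolve(name, now, zone)
            now += 1
    return cache.upstream_queries
```

With room for all four names the cache sends one upstream query per name; one slot short, every request misses even though no TTL has expired, and the TTL-ignoring cache keeps serving the old address after the record changed.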
Referring again to FIG. 1, if the ISP DNS nameserver 120 finds the requested domain name record in the local cache, the nameserver responds with the domain name record including the IP address of “www.cnet.com” in a DNS response 170 to the user computer 105. If the ISP DNS nameserver 120 is not able to locally resolve the DNS request 110, the ISP DNS nameserver 120 makes a DNS request 125 to root DNS nameservers 130. The root DNS nameservers 130, such as in the case of the Internet, are responsible for defining points of delegation in top level domains, such as “com,” “edu,” and “net.” The root DNS nameservers 130 can include multiple nameservers 135 and 140 that perform this function by providing a DNS response 145 with information that points the ISP DNS nameserver 120 to authoritative DNS nameservers 155 for the domain name “cnet.com.”
The ISP DNS nameserver 120 then responds to the information 145 by sending a DNS request 150 to an authoritative DNS nameserver 160 for the domain name “www.cnet.com.” The authoritative DNS nameserver 160 resolves the DNS request 150 for the domain name “www.cnet.com” and returns a DNS response 165 to the ISP DNS nameserver 120 with the IP address of the computer host(s) at “www.cnet.com.” The ISP DNS nameserver 120 caches the DNS response 165 in the local cache for future use, and forwards the DNS response 165 received from the authoritative DNS nameservers 155 to the user computer 105 in the DNS response 170.
FIG. 2 is an illustration of the authoritative DNS nameserver 160 (FIG. 1) storing domain name records in the prior art. In this example, the authoritative DNS nameserver 160 is a typical computer system with a processor 210 coupled to a communications interface 220 and a storage 230 via a system bus 240. The communications interface 220 exchanges data with a communications network, such as the Internet, via line 250. The processor 210 receives DNS requests from the Internet and resolves the DNS requests based on domain name records, such as a DNS record 260 stored in the storage 230. The DNS record 260 includes a domain name 270, which is used as a key to lookup a corresponding IP address 280, and includes a time-to-live (TTL) value 290.
When the IP address 280 of a computer host changes or a particular network service is moved to a new computer host, a DNS administrator for the authoritative DNS nameserver 160 changes the IP address 280 associated with the domain name record 260 of the computer host. Thus, a user of the nameserver 160 can continue to access the computer host or particular network service by using the same domain name. Additionally, the DNS administrator for the authoritative DNS nameserver 160 can increase the TTL value 290 such that the domain name information persists longer in the local caches of a recursive DNS nameserver.
However, as discussed above, a recursive DNS nameserver may not respect the TTL value 290 due to inadequate resources, or the like. Another problem is that recursive DNS nameservers depend on the DNS administrator for the authoritative DNS nameserver 160 to properly administer and update the DNS record 260. If the DNS administrator does not update the DNS record 260 or the authoritative DNS nameserver 160 fails, the recursive DNS nameservers cannot access the DNS record 260 to provide reliable DNS services.
In light of the above, there is a need for techniques for resolving DNS requests using a recursive DNS nameserver that address some of the problems in the prior art.