WO2001026324A1 - Method for updating middleware-level names - Google Patents

Info

Publication number
WO2001026324A1
Authority
WO
WIPO (PCT)
Prior art keywords
name
level
address
middleware
network
Prior art date
Application number
PCT/FI2000/000782
Other languages
French (fr)
Inventor
Arto Juhola
Original Assignee
Elisa Communications Oyj
Priority date
Filing date
Publication date
Application filed by Elisa Communications Oyj
Priority to AU72912/00A
Publication of WO2001026324A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/2866 Architectures; Arrangements
    • H04L67/30 Profiles
    • H04L67/306 User profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/45 Network directories; Name-to-address mapping
    • H04L61/4505 Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511 Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30 Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32 Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Definitions

  • the invention relates to a method according to the preamble of claim 1 for updating the dynamic network-level bound addresses of middleware-level names in a name resolution system, whereby the method performs the update of at least one binding between a middleware-level name and its network-level bound address in a name resolution system.
  • middleware level is used when reference is made to levels 4-7 of the OSI (Open System Interconnection) model defined by ISO (International Organization for Standardization), said levels including the transport, session, presentation and application layers.
  • the purpose of the name resolution system e.g., the DNS in the Internet, is to facilitate referencing an Internet resource by its DNS name without knowing the location of the resource.
  • the resource most generally is a so-called host which is a computer communicating with the Internet.
  • the DNS name is a name at the middleware level.
  • the network location of the resource is its location in the Internet which is denoted by an IP address assigned the resource as its network-level address.
  • an Internet application or client is not generally allowed to use a direct reference to, e.g., an IP address, when sending messages, but rather, the target must be addressed in a manner that is as location-independent as possible.
  • when terminals are connected to communications networks such as the Internet using dynamic addresses, that is, addresses defined separately at the network level for each session (today typically IP addresses), the terminal initiates communications with an access router of the operator system providing a connection for information communications, whereby the router assigns the dynamic network-level address that is valid for the ongoing session. Next, the terminal takes care of updating the dynamic network-level address to the name resolution system, which today typically is DNS.
  • the terminal is made responsible for the task of updating its dynamic network-level address to the name resolution system.
  • the terminal software must at all times be retained updated to a level capable of performing such an address update.
  • the storage and running of the address update software consumes terminal storage capacity and processor time.
  • the arrangement also puts additional traffic load on the data transfer path between the access router of the service provider and the terminal inasmuch the dynamic network-level address must be submitted from the access router to the terminal and, vice versa, the dynamic network-level address must be retransmitted from the terminal to the access router, wherefrom the address is passed over an information network, today typically an IP network, to a name resolution system, today typically DNS.
  • the excess traffic puts an extra load on the data transfer path, particularly in cases when the dynamic IP addresses are assigned frequently. The latter case may be typically encountered on connections established from portable terminals. Hence, it is an important mission, particularly in the case of portable terminals, to minimize the portion of control information in the data flow transmitted over a data transfer path. For the operator, it is difficult to offer services based on binding information to a middleware-level name of the network terminal stored in the name resolution system when the network terminal performs changes in the information content bound to the terminal's middleware-level name.
  • the goal of the invention is achieved according to the invention by virtue of transferring the responsibility of updating the network-level bound address of the terminal's middleware-level name from the terminal to the operator's system.
  • the method according to the invention for updating the dynamic network-level bound addresses of middleware-level names in a name resolution system in which method is performed the update of at least one binding between a middleware-level name and its network-level bound address in a name resolution system, is characterized by what is stated in the characterizing part of claim 1.
  • the invention offers significant benefits.
  • the terminal is freed from the need to update its network-level address to the name resolution system, whereby there is no longer any need to keep the terminal software updated so that it is capable of performing the update operation required in the prior art.
  • the terminal storage capacity and processor time need not be used in the storage and running of the address update software.
  • the data transfer path between the access router and the terminal is relieved from the task of transmitting the terminal's network-level address from the access router to the terminal and, vice versa, from the terminal back to the access router. As a result, the portion of control information transmitted over the data transfer path between the access router and the terminal is reduced.
  • it is also easier to provide services based on binding information to the network terminal's middleware-level name that is stored in the name resolution system when the network terminal is prevented from making changes in the information content bound to the terminal's middleware-level name.
  • FIG. 1 shows a block diagram representing an embodiment of the method according to the invention, in which method under the control of the operator's system is performed the update of the dynamic network-level bound address of a middleware-level name in a name resolution system, and the binding between the middleware-level name and its dynamic network-level name is canceled from the name resolution system.
  • the example is taken from TCP/IP protocol environment and it uses the DNS.
  • the method according to the invention may be applied in a respective manner also in other types of communications networks and/or using other type of name resolution system.
  • a given subscriber connection 10 is a connection to a circuit-switched or packet-switched communications network.
  • An operator system 11 comprises hardware that allows the operator to provide a connection to an IP network from said given subscriber connection 10 communicating with said operator system 11.
  • a user profile 12 includes the definition of services provided from the operator system 11 to said given subscriber connection 10, a network terminal device, a user person, application software or an instance of the user identity of the application software, said services being offered via the said operator system 11.
  • a first DNS name is such a DNS name that is used in order to identify said given subscriber connection 10, network terminal device, user person, a network terminal connected to said given subscriber connection 10 or application software and/or an instance of the application software running on said network terminal.
  • a first DNS server 13 is a name server of the DNS. The first DNS server 13 either has stored or is capable of storing therein a first DNS name.
  • a second DNS server 14 is such a DNS name server wherein the operator system 11 is privileged to perform update operations.
  • the second DNS server 14 either has stored or is capable of storing therein a second DNS name.
  • a dynamic IP address is such an IP address that the operator system 11 is capable of allocating by means of, e.g., its access router, to a given subscriber connection presently communicating with the operator system 11.
  • Steps 101-103 are carried out to determine and define the service to be provided and to establish a communications connection between said subscriber connection 10 and said operator system 11:
  • a communications connection is established between said operator system 11 and said subscriber connection 10, and a given dynamic IP address is assigned said subscriber connection 10.
  • Next step 104 is carried out to store into the name resolution system the logical binding of the given dynamic IP address assigned said subscriber connection 10 to the first DNS name:
  • the operator system may perform the update operation directly to a first DNS server 13, wherein the first DNS name is stored or is storable, with the provision that the operator system is privileged to the update operation, or alternatively, to a second DNS server 14. In the latter alternative, however, it is mandatory to ensure that the requests pertaining to the first DNS name 13 are defined to be redirected to the second DNS server 14. Additionally, the expiration time of the binding of the first DNS name 13 to the given dynamic IP address is defined and linked with the given dynamic IP address as information pertaining thereto that is then submitted to the first DNS server 13 or the second DNS server 14.
  • the update operation is carried out so that the operator system 11 is controlled to communicate with said first name server 13 or said second name server 14 or a name server located in a recursion chain therebetween, and update information is generated in the operator system 11 as response to information retrieved on the basis of definitions in the user profile 12 and to other possible messages received from the name server as authentication, authorization and name server status signals.
  • the update information data packet is sent to the name server, wherefrom new data packets in turn may be received in an interactive manner.
  • the name resolution system creates a logical binding of a given IP address to said first DNS name.
  • If step 104 is not carried out by way of directly updating the binding of a given dynamic IP address to said first DNS name, but rather, the binding of said first DNS name to the given dynamic IP address is formed via a recursive search chain, it is necessary to ensure that request messages pertaining to said first DNS name are directed to said second DNS server 14 containing the given dynamic IP address.
  • the control of such a redirection may be implemented by way of, e.g., storing at said first DNS server 13 the second DNS name in the CNAME-RR field that is associated with the first DNS name.
  • a request pertaining to the first DNS name returns a message containing the second DNS name, whereupon it is evident that a request pertaining to the second DNS name will be directed to the second name server, wherein the given dynamic IP address bound to the second DNS name is stored in an updated form.
  • If step 104 is followed by a message sent to the name resolution system in the form of a request for the IP address bound to the first DNS name, the DNS returns the given dynamic IP address either directly or as a response to at least one additional search performed by the requesting system, whereupon the DNS names pertaining to the additional search(es) will be evident from the return message pertaining to the first DNS name or, recursively, from the subsequent return messages.
  • Step 105 is carried out to disconnect the communications connection, while step 106 is carried out to cancel the binding of the first DNS name to the given dynamic IP address, thus freeing the given dynamic IP address for later use:
  • Request to disconnect the communications connection is received at the operator system 11 from the subscriber connection 10 and/or the communications connection between the operator system 11 and the subscriber connection breaks up.
  • Operator system 11 is controlled to communicate with said first name server 13 or said second name server 14 or a name server located in a recursion chain therebetween, and update information is generated in the operator system 11 as response to information retrieved on the basis of definitions embedded in the user profile 12 and to other possible messages received from the name server as authentication, authorization and name server status signals.
  • the update information data packets are sent to the name server, wherefrom in turn may be received new data packets in an interactive manner. Under the control of such information exchange, the binding of the first DNS name established directly or via a recursive search chain to the given dynamic IP address is canceled, thus freeing the given dynamic IP address for later use:
  • the dynamic IP address will not be assigned another subscriber connection by the operator system until the expiration time stored in the name resolution system indicating the duration of the binding of the given dynamic IP address to the first DNS name or the second DNS name has passed.
  • the expiration time is originally defined by the operator system and submitted to the name resolution system.
  • monitoring of the outgoing traffic to the subscriber connections may be arranged by means of an automatic traffic control system, such as a programmable active node for instance, that is situated in the operator system 11.
  • the automatic monitoring system is located so that data packets directed to at least one subscriber connection can be passed via the automatic monitoring system.
  • the return message data packets directed to said subscriber connection from the name resolution system are then first received at the operator system 11 and the network-level bound addresses of the DNS names in the return messages are bound to the dynamic IP addresses assigned said subscriber connection(s) so that the respective static bound IP addresses contained in the return messages directed to the given dynamic IP address are translated so as to be bound to the given dynamic IP address.
  • the static IP addresses bound to the given dynamic IP address and thus stored in the operator system 11 can be activated in the automatic monitoring system, whereby the automatic monitoring system becomes capable of barring the transmission of such data packets that have any of such static IP addresses as their source address and the given dynamic IP address as their target address.
  • the arrangement also permits monitoring of the return messages sent from the DNS and, at the detection of binding of the given dynamic IP address to any other name but the first DNS name, the automatic monitoring system is instructed to cancel the given dynamic IP address from the barring list.
  • with the method according to the invention it is possible to direct messages that are sent toward a name server system from a single subscriber connection or a group of predetermined subscriber connections to a traffic controller which then directs the messages sent from said single subscriber connection or group of predetermined subscriber connections forward to a name resolution system so that the number of messages directed from the subscriber connection(s) to the name resolution system or, respectively, the number of messages directed from the name resolution system to the single subscriber connection or group of predetermined subscriber connections is not allowed to exceed a predetermined limit during a given interval, thus accomplishing a reduction in the operating rate required from the automatic monitoring system.
  • the term name is used in communications systems when reference is made to a symbolic identifier, such as the URN (Uniform Resource Name) for instance, which has no location-dependent portion.
  • the term name is also used in the present context when reference is made to, e.g., the DNS host name that on one hand represents the name of a resource location inasmuch as a host is seen by abstract resources as a location and, on the other hand, is also required to have a name that is independent from the network-level address, such as the IP address.
  • Name server is a system capable of submitting information assigned to a middleware-level name at the receipt of the middleware-level name with the provision that said middleware-level name is stored in the name server in concern.
  • the assigned information may include, e.g., the network-level bound name corresponding to a given middleware-level name.
  • Name resolution system is a system that at the receipt of a middleware-level name can resolve information assigned the middleware-level name with the provision that said middleware-level name is stored in the name resolution system in concern.
  • the name resolution system may comprise a plurality of name servers that may be updated by different parties, whereby name servers contain middleware-level name sets, or group of names, that are at least partially different from each other.
  • the term resource refers to an information network resource, whereby generally the term information network resource refers to a subscriber connection communicating with an information network, application software or an instance thereof running in an information network.
  • Network-level bound address is a bound address that at the network level represents a given middleware-level name to which the network-level address is assigned at a given instant of time; in other words, an information network resource having said given middleware-level name is at said given instant of time capable of receiving information at said network-level address and/or sending information from said network-level address that in the context of the present application and particularly in the claims appended thereto is called the network-level bound location or simply, the network-level bound address.
  • Subscriber connection is any connection to a circuit-switched or packet-switched data network.
  • Operator system comprises the framework that makes the operator capable of providing a connection into a data network, such as an IP network, from a subscriber connection communicating with the operator system over a communications path, as well as some types of services that can be provided over said communications path to said subscriber connection, an information network resource connected to said data network or, respectively, an information network resource that communicates via said subscriber connection with an information network resource also communicating with said data network.
  • Updating refers to information storage, deletion or changing in the system subject to updating.
  • User profile includes definitions that are stored in the operator system or are available to the operator system and serve to define the services offered to a given data network user, user group or data network resource.
  • tailored information network services such as the update of binding of the network-level address of the user's information network resource to a given middleware-level name in the operator system.
  • Information network resource is a subscriber connection, a network terminal connected thereto, application software or an instance thereof runnable on said terminal.
  • Recursive search chain is a sequence of requests placed to name servers on the basis of a given keyword, e.g., a given middleware-level name, whereby said given keyword generates in response another keyword, whose response is the desired resolution information or, possibly, a third keyword.
  • the response to the third keyword may be the desired resolution information or a fourth keyword.
  • the chain may be continued up to an nth keyword, where n is a natural number.
  • dynamic network-level address is used when reference is made to a network-level address that may be assigned by the operator system to a subscriber connection communicating with the operator system over a communications path.
  • a different dynamic network-level address may be allocated for the use of the subscriber connection during different connection sessions and the same dynamic network-level address may be allocated to another subscriber connection when the address is free from its binding to a previous subscriber connection.
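
An added sketch (not code from the patent) of steps 101-106 as described above: the operator system publishes the binding at a second name server to which the first name is redirected, cancels it on disconnect, and holds the address back until the expiration time has passed. The class names, the example names and addresses, and the modelling of the expiration time as a DNS-style TTL counted from cancellation are assumptions.

```python
from dataclasses import dataclass, field

TTL = 60  # constructed expiration time (seconds), set by the operator system


@dataclass
class NameServer:
    """Toy name server: address bindings plus CNAME-style redirections."""
    privileged: set                             # parties allowed to update
    addr: dict = field(default_factory=dict)    # name -> (ip, ttl)
    cname: dict = field(default_factory=dict)   # name -> second name

    def _check(self, who):
        if who not in self.privileged:
            raise PermissionError(f"{who} is not privileged to update")

    def update(self, who, name, ip, ttl):
        self._check(who)
        self.addr[name] = (ip, ttl)

    def cancel(self, who, name):
        self._check(who)
        self.addr.pop(name, None)


def resolve(name, servers, max_hops=8):
    """Follow the recursive search chain; return (ip, ttl) or None."""
    for _ in range(max_hops):                   # bounded, so a loop terminates
        for srv in servers:
            if name in srv.addr:
                return srv.addr[name]
        name = next((s.cname[name] for s in servers if name in s.cname), None)
        if name is None:
            return None
    return None


@dataclass
class Profile:
    first_name: str
    second_name: str
    operator_updates: bool = True               # step 101


class OperatorSystem:
    def __init__(self, ident, pool, server, profiles):
        self.ident, self.server, self.profiles = ident, server, profiles
        self.free = list(pool)
        self.held = {}        # ip -> time before which it must not be reassigned
        self.sessions = {}    # user -> ip

    def connect(self, user, now):
        """Steps 102-104: assign a dynamic address and publish the binding."""
        ip = next((a for a in self.free if self.held.get(a, 0) <= now), None)
        if ip is None:
            raise RuntimeError("no address whose old binding has expired")
        self.free.remove(ip)
        prof = self.profiles[user]
        if prof.operator_updates:
            self.server.update(self.ident, prof.second_name, ip, TTL)
        self.sessions[user] = ip
        return ip

    def disconnect(self, user, now):
        """Steps 105-106: cancel the binding and quarantine the address."""
        ip = self.sessions.pop(user)
        prof = self.profiles[user]
        if prof.operator_updates:
            self.server.cancel(self.ident, prof.second_name)
            self.held[ip] = now + TTL   # answers handed out may live this long
        self.free.append(ip)


def demo():
    first = NameServer(privileged={"zone-admin"})    # server 13
    second = NameServer(privileged={"operator"})     # server 14
    profiles = {u: Profile(f"{u}.example", f"{u}.dyn.operator.example")
                for u in ("alice", "bob", "carol")}
    for p in profiles.values():                      # redirection stored at server 13
        first.cname[p.first_name] = p.second_name
    op = OperatorSystem("operator", ["192.0.2.10", "192.0.2.11"], second, profiles)
    servers, out = [first, second], {}

    out["alice_ip"] = op.connect("alice", now=0)
    out["answer_while_connected"] = resolve("alice.example", servers)
    op.disconnect("alice", now=20)                   # 192.0.2.10 held until t=80
    out["answer_after_cancel"] = resolve("alice.example", servers)
    out["bob_ip"] = op.connect("bob", now=30)
    try:
        out["carol_early"] = op.connect("carol", now=40)
    except RuntimeError:
        out["carol_early"] = None                    # only a held address is left
    out["carol_late"] = op.connect("carol", now=80)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The hold in `disconnect` is what keeps a resolver that still caches the old answer from reaching a different subscriber on the reassigned address.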

Abstract

In this publication is disclosed a method for updating the dynamic network-level bound addresses of middleware-level names in a name resolution system. In the method according to the invention, the steps are carried out of binding (101) to a user profile (12) stored in the operator system (11) a definition of the responsibility of the operator system to perform in a name resolution system the update of the binding between the network-level address of the information network resource and its middleware name. When the allocation binding of a dynamic network-level address to a given subscriber connection or an information network resource communicating via the same is detected to have been created or canceled, the update (104) of the binding information pertaining to a first middleware-level name and the respective dynamic network-level address is performed by the operator system (11) in a name resolution system.

Description

Method for updating middleware-level names
The invention relates to a method according to the preamble of claim 1 for updating the dynamic network-level bound addresses of middleware-level names in a name resolution system, whereby the method performs the update of at least one binding between a middleware-level name and its network-level bound address in a name resolution system.
In communications networks, the data flow is divided into hierarchical levels. Traffic at a given level of the hierarchical system is transparent to the elements of the underlying and overlying hierarchical levels. In the context of the present application, the term middleware level is used when reference is made to levels 4-7 of the OSI (Open System Interconnection) model defined by ISO (International Organization for Standardization), said levels including the transport, session, presentation and application layers. Hence, middleware must be understood to represent the software that is capable of implementing the functionality of said layers.
In conventional techniques, the purpose of the name resolution system, e.g., the DNS in the Internet, is to facilitate referencing an Internet resource by its DNS name without knowing the location of the resource. In DNS, the resource most generally is a so-called host which is a computer communicating with the Internet. The DNS name is a name at the middleware level. In the case the DNS is applied, the network location of the resource is its location in the Internet which is denoted by an IP address assigned the resource as its network-level address. The ability to refer to a resource without knowing its location is important, since if the resource names and locations were not independent from each other, a change in the location of a given resource would lead to a cumbersome reconfiguration in each of the systems that refer to the dynamic resource in concern. Should the movable resource happen to be a server, the task can become very demanding. For this reason, an Internet application or client is not generally allowed to use a direct reference to, e.g., an IP address, when sending messages, but rather, the target must be addressed in a manner that is as location-independent as possible.
In the prior art, when terminals are connected to communications networks such as the Internet, using dynamic addresses which are addresses that are defined separately at the network level for each session, today typically being IP addresses, the terminal initiates communications with an access router of the operator system providing a connection for information communications, whereby the router assigns the dynamic network-level address that is valid for the ongoing session. Next, the terminal takes care of updating the dynamic network-level address to the name resolution system, which today typically is DNS.
It is a disadvantage of the prior art that the terminal is made responsible for the task of updating its dynamic network-level address to the name resolution system. Herein, the terminal software must at all times be retained updated to a level capable of performing such an address update. The storage and running of the address update software consumes terminal storage capacity and processor time. The arrangement also puts additional traffic load on the data transfer path between the access router of the service provider and the terminal inasmuch the dynamic network-level address must be submitted from the access router to the terminal and, vice versa, the dynamic network-level address must be retransmitted from the terminal to the access router, wherefrom the address is passed over an information network, today typically an IP network, to a name resolution system, today typically DNS. The excess traffic puts an extra load on the data transfer path, particularly in cases when the dynamic IP addresses are assigned frequently. The latter case may be typically encountered on connections established from portable terminals. Hence, it is an important mission, particularly in the case of portable terminals, to minimize the portion of control information in the data flow transmitted over a data transfer path. For the operator, it is difficult to offer services based on binding information to a middleware-level name of the network terminal stored in the name resolution system when the network terminal performs changes in the information content bound to the terminal's middleware-level name.
It is an object of the invention to provide an entirely novel type of method capable of overcoming the problems of the above-described prior art.
The goal of the invention is achieved according to the invention by virtue of transferring the responsibility of updating the network-level bound address of the terminal's middleware-level name from the terminal to the operator's system.
More specifically, the method according to the invention for updating the dynamic network-level bound addresses of middleware-level names in a name resolution system, in which method is performed the update of at least one binding between a middleware-level name and its network-level bound address in a name resolution system, is characterized by what is stated in the characterizing part of claim 1.
The invention offers significant benefits. The terminal is freed from the need to update its network-level address to the name resolution system, whereby there is no longer any need to keep the terminal software updated so that it is capable of performing the update operation required in the prior art. Hence, the terminal storage capacity and processor time need not be used in the storage and running of the address update software. Moreover, the data transfer path between the access router and the terminal is relieved from the task of transmitting the terminal's network-level address from the access router to the terminal and, vice versa, from the terminal back to the access router. As a result, the portion of control information transmitted over the data transfer path between the access router and the terminal is reduced. For the operator, it is also easier to provide services based on binding information to the network terminal's middleware-level name that is stored in the name resolution system when the network terminal is prevented from making changes in the information content bound to the terminal's middleware-level name.
In the following, the invention is examined in detail with the help of an exemplifying embodiment by making reference to the attached drawing wherein
FIG. 1 shows a block diagram representing an embodiment of the method according to the invention, in which method under the control of the operator's system is performed the update of the dynamic network-level bound address of a middleware-level name in a name resolution system, and the binding between the middleware-level name and its dynamic network-level name is canceled from the name resolution system. The example is taken from TCP/IP protocol environment and it uses the DNS. The method according to the invention may be applied in a respective manner also in other types of communications networks and/or using other type of name resolution system.
The example illustrated in the block diagram of FIG. 1 uses elements denoted by reference numerals as follows:
A given subscriber connection 10 is a connection to a circuit-switched or packet-switched communications network.
An operator system 11 comprises hardware that allows the operator to provide a connection to an IP network from said given subscriber connection 10 communicating with said operator system 11.
A user profile 12 includes the definition of services provided from the operator system 11 to said given subscriber connection 10, a network terminal device, a user person, application software or an instance of the user identity of the application software, said services being offered via the said operator system 11.
A first DNS name is such a DNS name that is used in order to identify said given subscriber connection 10, network terminal device, user person, a network terminal connected to said given subscriber connection 10 or application software and/or an instance of the application software running on said network terminal. A first DNS server 13 is a name server of the DNS. The first DNS server 13 either has stored or is capable of storing therein a first DNS name.
A second DNS server 14 is such a DNS name server wherein the operator system 11 is privileged to perform update operations. The second DNS server 14 either has stored or is capable of storing therein a second DNS name.
A dynamic IP address is such an IP address that the operator system 11 is capable of allocating by means of, e.g., its access router, to a given subscriber connection presently communicating with the operator system 11.
The method is implemented by way of the steps described below. Steps 101-103 are carried out to determine and define the service to be provided and to establish a communications connection between said subscriber connection 10 and said operator system 11:
101) Into user profile 12 stored in operator system 11 is embedded a definition of the responsibility of the operator system 11 to perform in a name resolution system the update of the dynamic IP address that is assigned the network resource communicating under the identity of said user profile with said operator system.
102) A communications connection is established between said operator system 11 and said subscriber connection 10, and a given dynamic IP address is assigned said subscriber connection 10.
103) In said operator system is identified an attempt to establish a communications connection from said subscriber connection 10 to said operator system, or alternatively, an already established communications connection between said subscriber connection 10 and said operator system 11 under the identity of said user profile 12, whereupon said operator system 11 retrieves the first DNS name and/or the second DNS name corresponding to the identity of said user profile 12.
Next step 104 is carried out to store into the name resolution system the logical binding of the given dynamic IP address assigned said subscriber connection 10 to the first DNS name:
104) Into the name resolution system is updated a given dynamic IP address serving thereupon as a return response to a request pertaining to the first DNS address.
The operator system may perform the update operation directly to a first DNS server 13, wherein the first DNS name is stored or is storable, with the provision that the operator system is privileged to the update operation, or alternatively, to a second DNS server 14. In the latter alternative, however, it is mandatory to ensure that the requests pertaining to the first DNS name 13 are defined to be redirected to the second DNS server 14. Additionally, the expiration time of the binding of the first DNS name 13 to the given dynamic IP address is defined and linked with the given dynamic IP address as information pertaining thereto that is then submitted to the first DNS server 13 or the second DNS server 14.
In a practical implementation, the update operation is carried out so that the operator system 11 is controlled to communicate with said first name server 13 or said second name server 14 or a name server located in a recursion chain therebetween, and update information is generated in the operator system 11 as response to information retrieved on the basis of definitions in the user profile 12 and to other possible messages received from the name server as authentication, authorization and name server status signals. Next, the update information data packet is sent to the name server, wherefrom new data packets in turn may be received in an interactive manner. Under this kind of control based on information exchange, the name resolution system creates a logical binding of a given IP address to said first DNS name.
In the case that step 104 is not carried out by way of directly updating the binding of a given dynamic IP address to said first DNS name, but rather, the binding of said first DNS name to the given dynamic IP address is formed via a recursive search chain, it is necessary to ensure that request messages pertaining to said first DNS name are directed to said second DNS server 14 containing the given dynamic IP address.
The control of such a redirection may be implemented by way of, e.g., storing at said first DNS server 13 the second DNS name in the CNAME-RR field that is associated with the first DNS name. Then, a request pertaining to the first DNS name returns a message containing the second DNS name, whereupon it is evident that a request pertaining to the second DNS name will be directed to the second name server, wherein the given dynamic IP address bound to the second DNS name is stored in an updated form.
If step 104 is followed by a message which is sent to the name resolution system in the form of a request on the IP address bound to the first DNS name, the DNS returns the given dynamic IP address either directly or as a response to at least one additional search performed by the requesting system, whereupon the DNS names pertaining to the additional search(es) will be evident from the return message pertaining to the first DNS name or, recursively, from the subsequent return messages.
Step 105 is carried out to disconnect the communications connection, while step 106 is carried out to cancel the binding of the first DNS name to the given dynamic IP address, thus freeing the given dynamic IP address for later use:
105) A request to disconnect the communications connection is received at the operator system 11 from the subscriber connection 10 and/or the communications connection between the operator system 11 and the subscriber connection breaks up.
106) Operator system 11 is controlled to communicate with said first name server 13 or said second name server 14 or a name server located in a recursion chain therebetween, and update information is generated in the operator system 11 as response to information retrieved on the basis of definitions embedded in the user profile 12 and to other possible messages received from the name server as authentication, authorization and name server status signals. The update information data packets are sent to the name server, wherefrom in turn may be received new data packets in an interactive manner. Under the control of such information exchange, the binding of the first DNS name established directly or via a recursive search chain to the given dynamic IP address is canceled, thus freeing the given dynamic IP address for later use.
The dynamic IP address will not be assigned another subscriber connection by the operator system until the expiration time stored in the name resolution system indicating the duration of the binding of the given dynamic IP address to the first DNS name or the second DNS name has passed. In the above-described embodiment, the expiration time is originally defined by the operator system and submitted to the name resolution system.
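The lifecycle of steps 101 to 106 and the address hold described in the preceding paragraph, as an added Python model that is not part of the patent text: a first server redirects by CNAME to a second server that the operator updates, and a caching resolver shows why a released address is withheld until the stored expiration time has passed. All class names, host names, addresses and the treatment of the expiration time as an absolute timestamp are assumptions made for the illustration.

```python
from dataclasses import dataclass, field


@dataclass
class NameServer:
    # name -> (record type, value, expiration time or None); constructed toy store
    records: dict = field(default_factory=dict)


def resolve(name, servers, now, max_hops=8):
    """Follow CNAME references across servers; return (ip, expires_at) or None."""
    for _ in range(max_hops):
        rec = next((s.records[name] for s in servers if name in s.records), None)
        if rec is None:
            return None
        rtype, value, expires_at = rec
        if rtype == "A":
            return (value, expires_at) if now < expires_at else None
        name = value  # CNAME: continue the search with the referenced name
    return None


class CachingResolver:
    """Requesting system that keeps an answer until its expiration time."""

    def __init__(self, servers):
        self.servers, self.cache = servers, {}

    def lookup(self, name, now):
        hit = self.cache.get(name)
        if hit is not None and now < hit[1]:
            return hit[0]
        answer = resolve(name, self.servers, now)
        if answer is None:
            self.cache.pop(name, None)
            return None
        self.cache[name] = answer
        return answer[0]


class OperatorSystem:
    def __init__(self, pool, update_server, ttl):
        self.pool = list(pool)
        self.update_server = update_server  # server the operator may update
        self.ttl = ttl
        self.profiles = {}    # profile id -> DNS name to keep updated
        self.sessions = {}    # profile id -> (address, expiration time)
        self.held_until = {}  # address -> time before which it is not reassigned

    def add_profile(self, profile_id, dns_name):           # step 101
        self.profiles[profile_id] = dns_name

    def connect(self, profile_id, now):                     # steps 102-104
        ip = next((a for a in self.pool if self.held_until.get(a, 0) <= now), None)
        if ip is None:
            raise RuntimeError("every free address still has an unexpired binding")
        self.pool.remove(ip)
        expires_at = now + self.ttl
        self.sessions[profile_id] = (ip, expires_at)
        self.update_server.records[self.profiles[profile_id]] = ("A", ip, expires_at)
        return ip

    def disconnect(self, profile_id, now):                  # steps 105-106
        ip, expires_at = self.sessions.pop(profile_id)
        self.update_server.records.pop(self.profiles[profile_id], None)
        self.held_until[ip] = expires_at
        self.pool.insert(0, ip)  # worst case: the freed address is tried first


def demo():
    first, second = NameServer(), NameServer()
    # Redirection: the first DNS name refers to the second DNS name.
    first.records["alice.example.net"] = ("CNAME", "alice.dyn.operator.example", None)
    op = OperatorSystem(["192.0.2.10", "192.0.2.11"], second, ttl=300)
    for pid in ("alice", "bob", "carol"):
        op.add_profile(pid, pid + ".dyn.operator.example")
    cache = CachingResolver([first, second])
    out = {"alice_ip": op.connect("alice", now=0)}
    out["resolved"] = cache.lookup("alice.example.net", now=10)
    op.disconnect("alice", now=60)
    out["authoritative_after_cancel"] = resolve("alice.example.net", [first, second], 61)
    out["cached_after_cancel"] = cache.lookup("alice.example.net", now=61)
    out["bob_ip"] = op.connect("bob", now=100)    # held address is skipped
    out["cached_at_expiry"] = cache.lookup("alice.example.net", now=300)
    out["carol_ip"] = op.connect("carol", now=300)  # hold has passed
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Between cancellation and expiry the cached answer still points at the released address, which is the window the hold covers.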
In a similar fashion as is described above for Example 1, it is possible to cancel the binding of the first or second DNS name to the given dynamic IP address from the name resolution system also in the case that the binding is not initially formed by the operator system 11. Hence, this kind of binding can be formed according to the present method even when the binding is canceled by other techniques.
After the binding of the first DNS address to the given dynamic IP address has been canceled and it is still desirable to bar traffic directed to the given dynamic IP address that is formed on the basis of the first DNS name, monitoring of the outgoing traffic to the subscriber connections may be arranged by means of an automatic traffic control system, such as a programmable active node for instance, that is situated in the operator system 11. Herein, the automatic monitoring system is located so that data packets directed to at least one subscriber connection can be passed via the automatic monitoring system. The return message data packets directed to said subscriber connection from the name resolution system are then first received at the operator system 11 and the network-level bound addresses of the DNS names in the return messages are bound to the dynamic IP addresses assigned said subscriber connection(s) so that the respective static bound IP addresses contained in the return messages directed to the given dynamic IP address are translated so as to be bound to the given dynamic IP address.
When the binding of the first DNS name to the given dynamic IP address is canceled from the DNS, the static IP addresses bound to the given dynamic IP address and thus stored in the operator system 11 can be activated in the automatic monitoring system, whereby the automatic monitoring system becomes capable of barring the transmission of such data packets that have any of such static IP addresses as their source address and the given dynamic IP address as their target address. The arrangement also permits monitoring of the return messages sent from the DNS and, at the detection of binding of the given dynamic IP address to any other name but the first DNS name, the automatic monitoring system is instructed to cancel the given dynamic IP address from the barring list.
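The barring list of the two preceding paragraphs, as an added Python sketch that is not part of the patent text. It follows the wording literally: addresses contained in DNS return messages delivered to the dynamic address are recorded, activated as barred sources when the binding is canceled, and dropped again once the dynamic address is seen bound to any name other than the first DNS name. The class names, host names and addresses are constructed for the illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class DnsResponse:
    dst: str        # address the return message is delivered to
    qname: str      # name the return message answers
    answers: tuple  # addresses carried in the return message


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str


class BarringMonitor:
    """Hypothetical monitor placed on the path to the subscriber connections."""

    def __init__(self):
        self.first_name = {}  # dynamic address -> first DNS name bound to it
        self.learned = {}     # dynamic address -> addresses seen in its DNS responses
        self.barred = {}      # dynamic address -> (first name, barred sources)

    def on_allocate(self, dyn_ip, first_name):
        self.first_name[dyn_ip] = first_name
        self.learned[dyn_ip] = set()

    def on_dns_response(self, resp):
        # Record addresses contained in responses delivered to a live dynamic address.
        if resp.dst in self.learned:
            self.learned[resp.dst].update(resp.answers)
        # A barred address returned for any name other than the first DNS name
        # has been bound anew, so its barring entry is canceled.
        for ip in resp.answers:
            entry = self.barred.get(ip)
            if entry is not None and resp.qname != entry[0]:
                del self.barred[ip]

    def on_cancel(self, dyn_ip):
        # Binding canceled: activate the recorded addresses as barred sources.
        name = self.first_name.pop(dyn_ip)
        self.barred[dyn_ip] = (name, frozenset(self.learned.pop(dyn_ip)))

    def permits(self, pkt):
        entry = self.barred.get(pkt.dst)
        return entry is None or pkt.src not in entry[1]


def run_sample():
    dyn = "192.0.2.10"  # constructed sample traffic throughout
    mon = BarringMonitor()
    mon.on_allocate(dyn, "alice.example.net")
    mon.on_dns_response(DnsResponse(dyn, "mail.example.org", ("198.51.100.25",)))
    mon.on_dns_response(DnsResponse(dyn, "www.example.com", ("203.0.113.80",)))
    mon.on_cancel(dyn)
    verdicts = {
        "learned_peer": mon.permits(Packet("198.51.100.25", dyn)),
        "unknown_peer": mon.permits(Packet("203.0.113.99", dyn)),
        "other_dst": mon.permits(Packet("198.51.100.25", "192.0.2.11")),
    }
    # A late answer for the first DNS name itself must not lift the barring.
    mon.on_dns_response(DnsResponse("192.0.2.50", "alice.example.net", (dyn,)))
    verdicts["after_stale_answer"] = mon.permits(Packet("198.51.100.25", dyn))
    # The address now appears under another name: the entry is canceled.
    mon.on_dns_response(DnsResponse("192.0.2.50", "bob.example.net", (dyn,)))
    verdicts["after_rebind"] = mon.permits(Packet("198.51.100.25", dyn))
    return verdicts


if __name__ == "__main__":
    for key, allowed in run_sample().items():
        print(key, "permit" if allowed else "bar")
```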
In the method according to the invention, it is possible to direct messages that are sent toward a name server system from a single subscriber connection or a group of predetermined subscriber connections to a traffic controller which then directs the messages sent from said single subscriber connection or group of predetermined subscriber connections forward to a name resolution system so that the number of messages directed from the subscriber connection(s) to the name resolution system or, respectively, the number of messages directed from the name resolution system to the single subscriber connection or group of predetermined subscriber connections is not allowed to exceed a predetermined limit during a given interval, thus accomplishing a reduction in the operating rate required from the automatic monitoring system.
The following definitions are given to clarify the meaning of certain terms used in the present application and particularly in the appended claims. Generation of data packets in the operator system for updates in the name resolution system takes place without control received from the subscriber connection. This is based on providing the operator system with a software facility that makes the system capable of generating the data packets needed for updates in the name resolution system.
The term name is used in communications systems when reference is made to a symbolic identifier, such as the URN (Uniform Resource Name) for instance, which has no location-dependent portion. The term name is also used in the present context when reference is made to, e.g., the DNS host name that on one hand represents the name of a resource location inasmuch as a host is seen by abstract resources as a location and, on the other hand, is also required to have a name that is independent from the network-level address, such as the IP address.
Name server is a system capable of submitting information assigned to a middleware-level name at the receipt of the middleware-level name with the provision that said middleware-level name is stored in the name server in concern. Herein, the assigned information may include, e.g., the network-level bound name corresponding to a given middleware-level name.
Name resolution system is a system that at the receipt of a middleware-level name can resolve information assigned to the middleware-level name with the provision that said middleware-level name is stored in the name resolution system in concern. The name resolution system may comprise a plurality of name servers that may be updated by different parties, whereby name servers contain middleware-level name sets, or groups of names, that are at least partially different from each other.
The term resource refers to an information network resource, whereby generally the term information network resource refers to a subscriber connection communicating with an information network, application software or an instance thereof running in an information network.
Network-level bound address is a bound address that at the network level represents a given middleware-level name to which the network-level address is assigned at a given instant of time; in other words, an information network resource having said given middleware-level name is at said given instant of time capable of receiving information at said network-level address and/or sending information from said network-level address that in the context of the present application and particularly in the claims appended thereto is called the network-level bound location or simply, the network-level bound address.
Subscriber connection is any connection to a circuit-switched or packet-switched data network.
Operator system comprises the framework that makes the operator capable of providing a connection into a data network, such as an IP network, from a subscriber connection communicating with the operator system over a communications path, as well as some types of services that can be provided over said communications path to said subscriber connection, an information network resource connected to said data network or, respectively, an information network resource that communicates via said subscriber connection with an information network resource also communicating with said data network.
Updating refers to information storage, deletion or changing in the system subject to updating.
User profile includes definitions that are stored in the operator system or are available to the operator system and serve to define the services offered to a given data network user, user group or data network resource. As a response to a query posed by said data network user to the user profile are offered tailored information network services such as the update of binding of the network-level address of the user's information network resource to a given middleware-level name in the operator system.
Information network resource is a subscriber connection, a network terminal connected thereto, application software or an instance thereof runnable on said terminal.
Recursive search chain is a sequence of requests placed to name servers on the basis of a given keyword, e.g., a given middleware-level name, whereby said given keyword generates in response another keyword, whose response is the desired resolution information or, possibly, a third keyword. The response to the third keyword may be the desired resolution information or a fourth keyword. The chain may be continued up to an nth keyword, where n is a natural number.
In the context of the present application and particularly in the claims appended thereto, the term dynamic network-level address is used when reference is made to a network-level address that may be assigned by the operator system to a subscriber connection communicating with the operator system over a communications path. A different dynamic network-level address may be allocated for the use of the subscriber connection during different connection sessions and the same dynamic network-level address may be allocated to another subscriber connection when the address is free from its binding to a previous subscriber connection.

Claims

What is claimed is:
1. Method of updating the dynamic network-level bound addresses of middleware-level names in a name resolution system, in which method is performed the update of at least one binding between a middleware-level name and its network-level bound address in a name resolution system,
characterized in that
- into a user profile (12) stored in an operator system (11) is embedded (101) a definition of the responsibility of the operator system (11) to perform in a name resolution system the update of the binding of a dynamic IP address of a network resource, which is or has been communicating with the operator system via a communications connection that is going to be or has been established to said operator system under the identity of said user profile (12), to the first middleware-level name of said resource,
- the operator system (11) detects (105) that an allocation of a given dynamic network-level address is ongoing, completed, being canceled or has been canceled for a given subscriber connection (10) and/or other information network resource that communicates with said operator system (11) via a given subscriber connection (10), and
- in response to the above step and the embedded definitions of the user profile (12), the operator system (11) updates (106) to a name resolution system the binding of said given dynamic network-level address to said first middleware-level name.
2. Method according to claim 1, characterized in that said update operation takes place when said operator system (11) detects (103) that a communications connection is being established from a given subscriber connection (10) under the identity of said user profile (12) or, alternatively, that a communications connection has been established from a given subscriber connection (10) to said operator system (11) under the identity of said user profile (12), whereby the operator system (11) updates (104) in said name resolution system said given dynamic network-level address to correspond to said middleware-level name that has been identified from said user profile (12) or retrieved on the basis of information contained therein.
3. Method according to any one of claims 1-2, characterized in that said update operation takes place when said operator system (11) detects (105) that said address allocation step is being canceled or has been canceled for said given subscriber connection (10) and/or other information network resource that communicates with said operator system (11) via said given subscriber connection (10), whereby the operator system (11) performs an update (106) in said name resolution system to cancel the binding of said given dynamic network-level address to said middleware-level name so as to cancel at least one binding between a first middleware-level name and a dynamic network address in the name resolution system.
4. Method according to any one of claims 1-3, characterized in that a communications connection is established (102) between said operator system (11) and said given subscriber connection (10) and a given dynamic network-level address is allocated for said given subscriber connection (10) in said operator system.
5. Method according to any one of claims 1-4, characterized in that said operator system (11) updates (104) said given dynamic network-level address as to represent the network level bound address of said first middleware-level name in a first name server (13) and/or cancels the binding of said first middleware-level name to its assigned dynamic network-level address in said first name server (13).
6. Method according to any one of claims 1-5, characterized in that said operator system (11) updates (104), as a response to a second middleware-level name obtained from a recursive search chain, said given dynamic network-level address (12) to a second name server (14) that is located at a distance from said first name server (13) in said recursive search chain and/or cancels (106) the logical binding of said middleware-level name to said dynamic network-level address, which binding was created by way of said recursive search, either directly from said second name server (14) or indirectly by way of updating one of the name servers preceding said second name server (14) in said recursive search chain.
7. Method according to any one of claims 1-6, characterized in that the update operation comprises the steps of:
in response to the established communications connection between said given subscriber connection (10) and the operator system (11) under the control of the identity of said user profile (12), to a request to establish such a communications connection, to the release of such a communications connection or to a change in the dynamic network-level address allocated to the information network resource communicating over said communications connection, the operator system (11) is controlled to communicate with said first (13) or second name server (14) or a name server included in the recursive search chain therebetween.
in response to the user profile (12) and information retrieved on the basis of definitions embedded in said user profile (12), and as in response to possible authentication and authorization messages received from said first name server (13) or said second name server (14) or any name server in the recursive search chain therebetween and to any possible name server status signals, the operator system (11) generates the content of certain data packets, and
said certain data packets are sent to said first name server (13) and said second name server (14).
8. Method according to any one of claims 1-6, characterized in that said name server system is of the type DNS, the name servers are name servers in a DNS, the middleware-level names are DNS names and the bound addresses at the network level are IP addresses.
9. Method according to any one of claims 1-8, characterized by comprising the steps of:
receiving a response message from a name resolution system in the operator system (11) or in an automatic monitoring system forming a portion thereof, said message being a response indicating the network-level bound address of said given middleware-level name when a request concerning said given dynamic network-level address is placed to said name resolution system,
binding said network-level bound address, which is contained in said response message of said name resolution system, to said given dynamic network-level address in said operator system (11) or said automatic monitoring system forming a portion thereof,
canceling a given dynamic network-level address allocated to said subscriber connection and activating said given dynamic network-level address, together with any network-level addresses associated therewith, on a barring list in said automatic monitoring system,
passing a data packet directed to said given dynamic network-level address into said automatic monitoring system forming a portion of said operator system (11), and
barring the progress of said data packet directed to said given dynamic network-level address via said automatic monitoring system if the destination address of said data packet is said given dynamic network-level address and the source address of the data packet is associated with said given dynamic network-level address on the barring list.
10. Method according to claim 9, characterized by comprising the steps of receiving in the operator system (11) from a name server system a response message indicating that said given dynamic network-level address which is included in the barring list is already allocated to another subscriber connection, and
canceling said given dynamic network-level address from the barring list.
11. Method according to any one of claims 8-9, characterized in that said monitoring system is a programmable active node.
12. Method according to any one of claims 1-11, characterized in that messages sent from said subscriber connection (10) or certain subscriber connections toward a name server system are directed to a traffic controller that forwards the messages sent from said subscriber connection or connections to a name resolution system so that the number of messages directed from said subscriber connection(s) to the name resolution system or, respectively, from the name resolution system to the single subscriber connection or group of predetermined subscriber connections will not exceed a predetermined limit during a given interval.
13. Method according to any one of claims 1-12, characterized in that at least one step according to the method is carried out as response to a definition embedded in said user- or user-group-specific user profile stored in said operator system.
14. Method according to any one of claims 1-12, characterized in that said first middleware-level name and said given network-level bound address bound thereto are stored in a database in said first name server (14) and the method comprises the steps of: defining said first middleware name to include therein a reference to said second middleware-level name,
- storing in the user profile that defines the services to be provided to said information network subscriber (10) a definition of the reference information to be included in the second middleware-level name,
checking whether the user profile defining the services to be provided to said information network subscriber (10) contains such information that urges a change of the name server (13) offering the name resolution service,
as a response to the user profile (12) defining the services to be provided to said information network subscriber (10), an automatic search is carried out to retrieve information determined to be associated with said second middleware-level name, such as the location information thereof, and storing said information in said second name server in a format associated with said second middleware-level name (14),
- receiving in said second name server (14) a request concerning said second middleware-level name, whereby said second middleware-level name will be compliant to said reference associated with said first middleware-name stored in said first name server (13), and
- as a response to the request sent concerning to said second middleware-level name, a search is initiated toward said second name server (14) on information pertaining to the new location of said second middleware-level name and/or other data related to the address of said second middleware-level name.
PCT/FI2000/000782 1999-09-16 2000-09-15 Method for updating middleware-level names WO2001026324A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU72912/00A AU7291200A (en) 1999-09-16 2000-09-15 Method for updating middleware-level names

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI19991973 1999-09-16
FI991973A FI115326B (en) 1999-09-16 1999-09-16 Method for Upgrading Dynamic Network-Level Matching Addresses of Middleware-Level Names to a Name Resolution System

Publications (1)

Publication Number Publication Date
WO2001026324A1 true WO2001026324A1 (en) 2001-04-12

Family

ID=8555297

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2000/000782 WO2001026324A1 (en) 1999-09-16 2000-09-15 Method for updating middleware-level names

Country Status (3)

Country Link
AU (1) AU7291200A (en)
FI (1) FI115326B (en)
WO (1) WO2001026324A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008049970A1 (en) * 2006-10-25 2008-05-02 Nokia Corporation Method for controlling access to a network in a communication system
US20210328811A1 (en) * 2018-04-05 2021-10-21 T-Mobile Usa, Inc. Recursive token binding for cascaded service calls

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5790548A (en) * 1996-04-18 1998-08-04 Bell Atlantic Network Services, Inc. Universal access multimedia data network
US5878212A (en) * 1995-07-31 1999-03-02 At&T Corp. System for updating mapping or virtual host names to layer-3 address when multimedia server changes its usage state to busy or not busy
GB2333670A (en) * 1998-01-19 1999-07-28 Ericsson Telefon Ab L M Address allocation
EP1039685A2 (en) * 1998-10-29 2000-09-27 Nortel Networks Limited Trusted network binding using LDAP (lightweight directory access protocol)

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
C.-J. PARK ET AL.: "The improvement for integrity between DHCP and DNS", HIGH PERFORMANCE COMPUTING ON THE INFORMATION SUPERHIGHWAY, 1997. HPC ASIA '97, 28 April 1997 (1997-04-28) - 2 May 1997 (1997-05-02), pages 511 - 516, XP002937267, [retrieved on 20010219] *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008049970A1 (en) * 2006-10-25 2008-05-02 Nokia Corporation Method for controlling access to a network in a communication system
US8239930B2 (en) 2006-10-25 2012-08-07 Nokia Corporation Method for controlling access to a network in a communication system
CN101523856B (en) * 2006-10-25 2013-01-23 诺基亚公司 Method for controlling access to a network in a communication system
US20210328811A1 (en) * 2018-04-05 2021-10-21 T-Mobile Usa, Inc. Recursive token binding for cascaded service calls
US11956371B2 (en) * 2018-04-05 2024-04-09 T-Mobile Usa, Inc. Recursive token binding for cascaded service calls

Also Published As

Publication number Publication date
FI19991973A (en) 2001-03-17
FI115326B (en) 2005-04-15
AU7291200A (en) 2001-05-10

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ CZ DE DE DK DK DM DZ EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP