WO2015117667A1 - Processing access to a service on a server in a communications network - Google Patents
- Publication number
- WO2015117667A1 (PCT/EP2014/052459)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user terminal
- server
- service
- dns
- determining
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/40—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/563—Data redirection of data network streams
Definitions
- Embodiments presented herein relate to preventing access to a service on a server, and particularly to a method, a network node, a computer program, and a computer program product for preventing access to a service on a server.
- One component associated with operation of the communications network relates to handling requests for a service from an end-user terminal (such as a mobile phone, a smartphone, a tablet computer, a laptop computer, or a desktop computer) to a server in the communications network.
- some applications running on the end-user terminal may be configured to directly (i.e., without explicit input from or involvement of an end-user of the end-user terminal) interact with the application servers (hereinafter simply denoted as servers).
- the application as run on the end-user terminal may repeatedly try to connect to the server until such a connection is successful. Such repeated attempts to connect to the server may occur with increasing frequency. Such a behavior of the application may thus drain the battery of the end-user terminals. Further, since every new attempt to access the server will not only wake up the end-user terminal, but also require network resources, this behavior will also increase the signaling load in the packet core network part of the
- the signaling in the communications network may increase drastically and the communications network may be loaded more than dimensioned for, both regarding signaling, packet core resources and radio resources.
- the above noted requests for a server may trigger activation of a bearer.
- An object of embodiments herein is to provide improved handling of network traffic in communications networks.
- a particular object is therefore to improve handling of network traffic in communications networks by analysing the requests for access to servers in the communications networks.
- a method for preventing access to a service on a server is performed by a network node.
- the method comprises receiving a domain name system (DNS) request from an end-user terminal.
- the DNS request relates to access of a service on at least one server by an application running on the end-user terminal.
- the method comprises determining whether the service associated with the DNS request is accessible or not by the end-user terminal at any of the at least one server.
- the method comprises, in a case the service associated with the DNS request is determined not accessible, responding to the DNS request with a DNS response comprising an address local to the end-user terminal, thereby preventing the end-user terminal from accessing the service.
- this enables prevention of queries for services that are not accessible to (or available for) the end-user terminal and thereby enables signaling in the communications network to be decreased.
- this may improve radio resource utilization in the
- this may reduce unnecessary battery usage in the end-user terminal, thus prolonging the uptime of the end-user terminal and thus improving the end-user experience.
- the network node comprises a processing unit and a non-transitory computer readable storage medium.
- the non-transitory computer readable storage medium comprises instructions executable by the processing unit.
- the network node is operative to receive a domain name system (DNS) request from an end-user terminal.
- the DNS request relates to access of a service on at least one server by an application running on the end-user terminal.
- the network node is operative to determine whether the service associated with the DNS request is accessible or not by the end-user terminal at any of the at least one server.
- the network node is operative to, in a case the service associated with the DNS request is determined not accessible, respond to the DNS request with a DNS response comprising an address local to the end-user terminal, thereby preventing the end-user terminal from accessing the service.
- a computer program for preventing access to a service on a server comprising computer program code which, when run on a network node, causes the network node to perform a method according to the first aspect.
- a computer program product comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored.
- any feature of the first, second, third and fourth aspects may be applied to any other aspect, wherever appropriate.
- any advantage of the first aspect may equally apply to the second, third, and/or fourth aspect, respectively, and vice versa.
- Other objectives, features and advantages of the enclosed embodiments will be apparent from the following detailed disclosure, from the attached dependent claims as well as from the drawings.
- all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein.
- All references to "a/an/the element, apparatus, component, means, step, etc." are to be interpreted openly as referring to at least one instance of the element, apparatus, component, means, step, etc., unless explicitly stated otherwise.
- the steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
- Fig 1a is a schematic diagram illustrating a communication network according to embodiments.
- Fig 1b is a schematic diagram illustrating parts of the communication network of Fig 1a according to prior art
- Fig 1c is a schematic diagram illustrating parts of the communication network of Fig 1a according to embodiments
- Fig 2a is a schematic diagram showing functional modules of a network node according to an embodiment
- Fig 2b is a schematic diagram showing functional units of a network node according to an embodiment
- Fig 3 shows one example of a computer program product comprising computer readable means according to an embodiment
- Figs 4 and 5 are flowcharts of methods according to embodiments.
- Fig 1a shows a schematic overview of an exemplifying communications network 11a where embodiments presented herein can be applied.
- the communications network 11a comprises a base station (BS) 13 providing network coverage in a cell (not shown).
- An end-user terminal (T) 12 positioned in a particular cell is thus provided network service by the base station 13 serving that particular cell.
- the communications network 11a may comprise a plurality of base stations 13 and a plurality of end-user terminals 12 operatively connected to at least one of the plurality of base stations 13.
- the base station 13 is operatively connected to a core network 14.
- the core network 14 may provide services and data to the end-user terminals 12 operatively connected to the base station 13 from an external Internet Protocol (IP) packet switched data network 15.
- An end-user terminal 12 may further have a wired connection to the external IP packet switched data network 15.
- the IP network 15 comprises at least one server (S) 18.
- the at least one server 18 hosts a service which an application 12a running on the end-user terminal 12 is requesting access to.
- the communications network 11a further comprises a network node 16.
- Further details of the network node 16 will be disclosed below.
- At least parts of the communications network 11a may generally comply with any one or a combination of W-CDMA (Wideband Code Division Multiplex), LTE (Long Term Evolution), EDGE (Enhanced Data Rates for GSM
- base stations 13 include, but are not limited to, base transceiver stations (BTS), Node Bs, Evolved Node Bs (eNodeBs), and wireless access points (APs).
- end-user terminals 12 include, but are not limited to end-user equipment such as mobile phones, smartphones, tablet computers, laptop computers, and stationary computers.
- an end-user terminal 12 as herein disclosed may have either a wireless connection, or a wired connection, or both a wireless connection and a wired connection to the IP packet switched network 15.
- the communications network 11a may comprise any combinations of purely wirelessly end-user terminals 12, purely wired connected end-user terminals 12, and end-user terminals with both wireless and wired connections.
- Fig 1b schematically illustrates a part 11b of the exemplifying
- Fig 1b is showing a simplified infrastructure for handling Domain Name System (DNS) requests with DNS servers and DNS caches according to prior art (hence, without the herein disclosed network node 16).
- entries of the end-user terminal DNS cache 12c, the infrastructure DNS cache 15a, and the domain DNS cache 15b are cached at most 3600 s (i.e., the cache entries have a time to live (TTL) of at most 3600 s), after which a DNS request is forwarded to the next DNS handling unit (e.g., from the end-user terminal DNS cache to the infrastructure DNS cache).
- Each DNS handling unit is arranged to decrease the TTL in its issued DNS response according to the TTL left.
- Fig 1c schematically illustrates a part 11c of the exemplifying communications network 11a.
- Fig 1c is showing a simplified infrastructure for handling DNS requests with DNS servers and DNS caches, where in addition to Fig 1b, a network node 16 has been added to the core network 14.
- Fig 1c schematically illustrates how the DNS responses may be changed when a server failure is detected (i.e., when a service associated with a DNS request from an end-user terminal 12 is not accessible by the end-user terminal 12 at any of the servers 18) and when the server 18 is available again (i.e., when the service associated with a DNS request from an end-user terminal 12 is accessible by the end-user terminal 12 from at least one of the servers 18). Further details of operation of the part 11c of the exemplifying
- the embodiments disclosed herein relate to preventing access to a service on a server 18.
- a network node 16, a method performed by the network node 16, a computer program comprising code, for example in the form of a computer program product, that when run on the network node 16, causes the network node 16 to perform the method.
- Fig 2a schematically illustrates, in terms of a number of functional modules, the components of a network node 16 according to an embodiment.
- a processing unit 22 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), application specific integrated circuit (ASIC), field programmable gate arrays (FPGA) etc., capable of executing software instructions stored in a computer program product 31 (as in Fig 3), e.g. in the form of a storage medium 24.
- the storage medium 24 may also comprise persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory.
- the network node 16 may further comprise a communications interface 23 for communications with other devices in the communications network 11a. As such, the
- the communications interface 23 may comprise one or more transmitters and receivers, comprising analogue and digital components and a suitable number of ports for such communications.
- the processing unit 22 controls the general operation of the network node 16 e.g. by sending data and control signals to the communications interface 23 and the storage medium 24, by receiving data and reports from the communications interface 23, and by retrieving data and instructions from the storage medium 24.
- Other components, as well as the related functionality, of the network node 16 are omitted in order not to obscure the concepts presented herein.
- Fig 2b schematically illustrates, in terms of a number of functional units, the components of a network node 16 according to an embodiment.
- the network node 16 of Fig 2b comprises a number of functional units; a receive unit 22a, a determine unit 22b, and a respond unit 22c.
- the network node 16 of Fig 2b may further comprise a number of optional functional units, such as any of a compare unit 22d, and a provide unit 22e.
- the functionality of each functional unit 22a-e will be further disclosed below in the context of which the functional units may be used. In general terms, each functional unit 22a-e may be implemented in hardware or in software.
- the processing unit 22 may thus be arranged to from the storage medium 24 fetch instructions as provided by a functional unit 22a-e and to execute these instructions, thereby performing any steps as will be disclosed hereinafter.
- Figs 4 and 5 are flow charts illustrating embodiments of methods for preventing access to a service on a server 18. The methods are performed by the network node 16. The methods are advantageously provided as computer programs 32.
- Fig 3 shows one example of a computer program product 31 comprising computer readable means 33. On this computer readable means 33, a computer program 32 can be stored, which computer program 32 can cause the processing unit 22 and thereto operatively coupled entities and devices, such as the communications interface 23 and the storage medium 24 to execute methods according to embodiments described herein.
- the computer program 32 and/or computer program product 31 may thus provide means for performing any steps as herein disclosed.
- the computer program product 31 is illustrated as an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc.
- the computer program product 31 could also be embodied as a memory, such as a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM), or an electrically erasable programmable read-only memory (EEPROM) and more particularly as a non-volatile storage medium of a device in an external memory such as a USB (Universal Serial Bus) memory.
- the computer program 32 is here schematically shown as a track on the depicted optical disk, the computer program 32 can be stored in any way which is suitable for the computer program product 31.
- Fig 4 illustrates a method for preventing access to a service on a server 18 according to an embodiment. The method is performed by the network node 16.
- an application 12a running on an end-user terminal 12 requests access of a service on at least one server 18. This request results in the end-user terminal 12 sending a domain name system (DNS) request.
- the processing unit 22 of the network node 16 is therefore arranged to, in a step S102, receive a DNS request from an end-user terminal 12.
- the DNS request relates to access of a service on at least one server 18 by an application 12a running on the end-user terminal 12.
- the network node 16 then investigates whether or not the service is accessible by the end-user terminal 12.
- the processing unit 22 of the network node 16 is arranged to, in a step S104, determine whether the service associated with the DNS request is accessible or not by the end-user terminal 12 at any of the at least one server 18. As will be further disclosed below, this may involve determining whether there are connectivity issues or not in the communications network 11a. This determination may be achieved by supervising the access to different IP addresses and servers 18 in the communications network 11a. Supervision may be performed by keeping statistics for the destinations and domains.
- the network node 16 responds to the DNS request with an address that is local to the end-user terminal 12.
- the processing unit 22 of the network node 16 is arranged to, in a step S106, if determined that the service associated with the DNS request is not accessible by the end-user terminal 12 at any of the at least one server 18, respond to the DNS request with a DNS response comprising an address local to the end-user terminal 12.
- the end-user terminal 12 is thereby prevented from accessing the service, since the DNS response comprises the local address and not the address of the at least one server 18 requested by the DNS request in step S102.
- addresses local to the end-user terminal 12 may be an Internet protocol (IP) address of the end-user terminal 12.
- the address local to the end-user terminal 12 may be an Internet protocol (IP) address of a device in a local network of the end-user terminal 12.
- the address local to the end-user terminal 12 may be a loopback address.
- Fig 5 illustrates methods for preventing access to a service on a server 18 according to further embodiments.
- the processing unit 22 of the network node 16 is arranged to, in an optional step S108, and in a case it has been determined that the service is accessible by the end-user terminal 12 on at least one server 18 of the at least one server 18 associated with the DNS request, prevent forwarding of the DNS request to any server 18 associated with the DNS request and not accessible by the end-user terminal
- step S104 determine whether the service associated with the DNS request is accessible or not. Different embodiments relating thereto will now be described in turn.
- the actual server 18 may be down.
- the server 18 may be down for a number of reasons; the server 18 may have a power outage.
- the processing unit 22 of the network node 16 is therefore arranged to, in an optional step S104a, determine that the service is not operating.
- lowering the load on the servers 18 that are down could imply that it could be easier to get the servers 18 up and running again.
- connection to the server 18 may be down.
- the connectivity to the server 18 may be lost for a number of reasons; a cable to the server 18 may be broken, etc.
- the processing unit 22 of the network node 16 is therefore arranged to, in an optional step S104b, determine that there is no operable network connection to the at least one server 18.
- DNS requests for selected servers 18 may result in a device-local address being returned as in step S106. This would decrease signaling load in the communications network 11a (e.g., with signaling levels close to maximum capacity in at least one of the access network, the core network, and the IP network).
- DNS requests or DNS queries for selected servers 18 may result in a device-local address being returned as in step S106. This would decrease signaling load in the communications network 11a (e.g., with signaling levels close to maximum capacity in at least one of the access network, the core network, and the IP network).
- the selection of which server 18 or servers 18 are accessible or not by the end-user terminal 12 may depend on the content of the service as hosted by the server 18.
- the content may be associated with a level of priority.
- different services may be associated with different levels of priority. This may enable that for one end-user terminal 12 an emergency service is available whilst a gaming service is not available.
- the application 12a may be associated with a priority value.
- the processing unit 22 of the network node 16 is arranged to, in an optional step S104l, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining a network load of a network through which the at least one server 18 is connectable by the end-user terminal 12 to be higher than a predetermined threshold value associated with the priority value.
- the end-user terminal 12 may be associated with a user account.
- the user account may be associated with a pre-paid quota and hence be a so-called pay-as-you-go, pay-as-you-talk, pay and go, prepaid wireless, or prepay end-user terminal.
- a prepaid end-user terminal 12 being out of quota would not be able to access prepaid service on a server 18, but the application 12a running on the end-user terminal 12 may still try to connect to the service by sending DNS requests.
- the processing unit 22 of the network node 16 is arranged to, in an optional step S104m, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining the user account to be out of quota for accessing the service.
- the end-user terminal 12 is associated with a user account which in turn may be associated with a subscription service.
- the subscription may only have a limited set of destinations/services allowed.
- the processing unit 22 of the network node 16 is arranged to, in an optional step S104n, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining the user account not to have a subscription to the subscription service.
- connectivity problems may be identified by supervising access statistics to often contacted IP addresses (or servers 18) in the
- Statistics may be kept over the most frequent domains queried by name lookups towards the DNS servers, so as to identify a frequency of occurrence of requests on IP level to a particular server 18 (or address). The statistics may thus indicate that connectivity to a server 18 is down.
- the processing unit 22 of the network node 16 is therefore arranged to, in an optional step S104c, compare the DNS request to stored data.
- the stored data comprises statistics over frequently requested network domains.
- the processing unit 22 of the network node 16 may further be arranged to, in an optional step S104d, determine that the service is not accessible by the end-user terminal 12 in a case the statistics indicate that the service is associated with a network domain being requested more often than a predetermined threshold limit.
- the frequency of data towards the IP addresses pointed to by the DNS request may be measured.
- the processing unit 22 of the network node 16 is thus arranged to, in an optional step S104e, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining a frequency of occurrence of DNS requests towards IP addresses pointed to by the DNS request to be higher than a predetermined threshold value.
- the rate between the number of requests and the amount of data transferred per request in the communications network 11a may be monitored. That is, the average data delivery per request may be monitored. Measurements of such monitoring may vary over time, but if the average data volume per request suddenly drops to close to zero for most users using the same server domain (address or domain name), then a server failure can be anticipated.
- the processing unit 22 of the network node 16 is thus arranged to, in an optional step S104f, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining a ratio between the number of DNS requests transmitted to the at least one server 18 and the amount of data transferred from the at least one server 18 per DNS request to be higher than a
- the above disclosed monitoring may be performed on a transmission control protocol (TCP) level alone.
- the processing unit 22 of the network node 16 is thus arranged to, in an optional step S104g, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining a ratio between the number of TCP packets towards IP addresses pointed to by the DNS request and the number of TCP packets from IP addresses pointed to by the DNS request to be higher than a predetermined threshold value.
- the cause for radio service requests to a server 18 may be correlated with a lower average traffic volume from the server 18; this can be used as an indicator that the server 18 is down. According to an
- processing unit 22 of the network node 16 is thus arranged to, in an optional step S104h, determine a correlation between the number of DNS requests and the traffic volume in the communications network 11a. Identification of the likely cause of a service request can be done by
- the processing unit 22 of the network node 16 is thus arranged to, in an optional step S104j, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining the number of failed HTTP requests to the at least one server 18 to be higher than a predetermined threshold value.
- a per flow uplink/downlink traffic ratio for the first few seconds after the bearer has been established may be used as a way of identifying issues for that flow. If suddenly a predetermined amount of flows (during a predetermined time-frame, such as 1 to 5 minutes) to the same server 18 has the same issue, then the service on the server 18 is unreachable and hence not accessible by the end-user terminal 12.
- the processing unit 22 of the network node 16 is thus arranged to, in an optional step S104k, determine that the service associated with the DNS request is not accessible by the end-user terminal 12 by determining a ratio between uplink traffic and downlink traffic on a bearer during a predetermined amount of time after activation of the bearer, where the bearer is used for the DNS request.
- the end-user terminal 12 is arranged to cache DNS responses according to their TTL (time to live) value. This means that the owner of a domain has set a certain time interval that a DNS entry is valid. This certain time interval may be in the range of hours to days.
- the TTL is lowered to seconds or minutes for rapid propagation of the new configuration. This may be performed at least as much time in advance as the old TTL configuration to work as intended.
- the DNS response may thus comprise a TTL value determining a DNS cache time in the end-user terminal 12.
- the TTL value may be changed if it is deemed too high or too low as such.
- the processing unit 22 of the network node 16 is arranged to, in an optional step S106a, determine the TTL value of a network DNS server of the at least one server 18 to be different from a desired value; and if so, in an optional step S106b: provide the end-user terminal 12 with a predetermined TTL value being different from the TTL value of the network DNS server.
- the TTL value of the network DNS server of the at least one server 18 may be higher or lower than desired.
- the TTL value of the network DNS server may be 3600 s and the predetermined TTL value provided to the end-user terminal 12 may be either 1200 s or 4200 s.
- the TTL value may be lowered or increased when failure occurs (i.e., when the service associated with the DNS request is not accessible by the end-user terminal 12 at any of the at least one server 18).
- the network node 16 is associated with two different TTL values: a first TTL value and a second TTL value.
- the first TTL value relates to the service being available and the second TTL value relates to the service being unavailable.
- the DNS response comprises the second TTL value in a case the DNS request is not accessible by the end-user terminal 12 at any of the at least one server 18.
- the second TTL value may be lower than the first TTL value, or vice versa.
- the TTL values in the DNS response may need to be shortened so that the network node 16 can receive DNS requests (see, e.g., step S102) from the end-user terminal 12 often enough to be able to change the TTL values included in the DNS response to the end-user terminal 12 when the requested service is not accessible by the end-user terminal 12.
- the network node 16 may be arranged to change the TTL value in DNS responses resulting from DNS requests for the most frequent sites (servers 18) in the communications network 11a. This can be achieved by analyzing the DNS responses from the network DNS servers and lowering the TTL values before sending the DNS response to the end-user terminal 12.
- a DNS response TTL value in the order of, say, five minutes may allow the entire communications network 11a to have recovered from an outage only five minutes after the problem has been identified. If it is assumed that the poll rate of the application 12a triggering the DNS request is fifteen minutes, then most of the end-user terminals 12 will not even experience the network outage.
- This query populates the infrastructure DNS server 15a and the DNS cache 12c.
- the network node 16 is arranged to reduce the TTL from 3600 s to 1200 s, as this is assumed to be the desired maximum time for a device to stop using the IP address of a failed server 18. This TTL value is therefore also what is cached in the device DNS cache 12c.
- the service is detected to be unavailable, or at least not accessible by the end-user terminal 12 (which then may have been identified by monitoring flows from other end-user terminals, or this end-user terminal 12).
- the server 18 (or at least its service) is detected as recovered (which may have been done by allowing a few end-user terminals to try to connect to the service just to get new server statistics).
- the network node 16 may then be arranged to respond to the end-user terminal 12 with the actual IP addresses of the server/service and an updated TTL value.
- the updated TTL value will be 900 s, which is less than the 1200 s configured in the network node 16. This is a result of the TTL value aging, and it is the value resulting from the query to the DNS server 15a.
- the inventive concept has mainly been described above with reference to a few embodiments.
- the herein disclosed embodiments are not limited to or dependent on IPv4 signalling and are agnostic to the IP version used and hence applicable to any IP-like protocol based on features as disclosed herein.
- the herein disclosed network node 16 is not dependent on signalling in the core network 14 and may alternatively be located in the IP network 15, or yet alternatively in the base station 13.
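The sequence described above (TTL reduced from 3600 s to 1200 s, a local address returned while the service is not accessible, then the real addresses returned with an aged TTL of 900 s) can be modelled as follows. This is an added example, not code from the patent; the loopback address, the 300 s second TTL value, the cache ages and the 192.0.2.x addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass

LOCAL_ADDRESS = "127.0.0.1"  # assumption: loopback as the address local to the terminal

@dataclass
class TtlPolicy:
    first_ttl: int = 1200   # page's value: cap applied while the service is available
    second_ttl: int = 300   # constructed value: TTL used while the service is unavailable

@dataclass
class DnsAnswer:
    addresses: list
    ttl: int

def aged_ttl(original_ttl, seconds_in_cache):
    """Remaining TTL of a record held in the infrastructure DNS cache."""
    return max(original_ttl - seconds_in_cache, 0)

def node_response(upstream, service_accessible, policy):
    """Answer the network node returns to the end-user terminal."""
    if not service_accessible:
        # Keep the terminal away from the failed server, and use the second TTL
        # so the terminal asks again soon enough to notice recovery.
        return DnsAnswer([LOCAL_ADDRESS], policy.second_ttl)
    # Service reachable: real addresses, TTL capped at the configured first TTL.
    return DnsAnswer(list(upstream.addresses), min(upstream.ttl, policy.first_ttl))

def walk_through():
    """Replay the page's sequence with constructed addresses (RFC 5737 range)."""
    policy = TtlPolicy()
    real = ["192.0.2.10", "192.0.2.11"]
    steps = []
    # 1. First query: network DNS server TTL of 3600 s is reduced to 1200 s.
    steps.append(node_response(DnsAnswer(real, 3600), True, policy))
    # 2. Service detected as not accessible: local address, second TTL.
    steps.append(node_response(DnsAnswer(real, aged_ttl(3600, 1500)), False, policy))
    # 3. Service recovered; cached record has aged to 900 s, below the 1200 s cap.
    steps.append(node_response(DnsAnswer(real, aged_ttl(3600, 2700)), True, policy))
    return steps

if __name__ == "__main__":
    for step, answer in enumerate(walk_through(), 1):
        print(step, answer.addresses, answer.ttl)
```

Because the cap is applied with `min`, an upstream record that has already aged below the configured value passes through unchanged, which is why the last step yields 900 s rather than 1200 s.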
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention consists in preventing access to a service on a server. A DNS (Domain Name System) request is received from an end-user terminal. The DNS request relates to access to a service on at least one server by an application running on the end-user terminal. It is determined whether or not the service associated with the DNS request is accessible by the end-user terminal at the server or at any of the servers. In a case where it is determined that the service associated with the DNS request is not accessible, the DNS request is answered with a DNS response comprising an address local to the end-user terminal, thereby preventing the end-user terminal from accessing the service.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2014/052459 WO2015117667A1 (fr) | 2014-02-07 | 2014-02-07 | Handling access to a service on a server in a communications network |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015117667A1 (fr) | 2015-08-13 |
Family
ID=50070567
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2014/052459 WO2015117667A1 (fr) | Handling access to a service on a server in a communications network | 2014-02-07 | 2014-02-07 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2015117667A1 (fr) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050235044A1 (en) * | 2004-04-20 | 2005-10-20 | Tazuma Stanley K | Apparatus and methods relating to web browser redirection |
EP1718034A1 (fr) * | 2005-04-25 | 2006-11-02 | Thomson Multimedia Broadband Belgium | Method and gateway for handling address requests |
US20120311375A1 (en) * | 2011-06-01 | 2012-12-06 | Microsoft Corporation | Redirecting requests to secondary location during temporary outage |
-
2014
- 2014-02-07 WO PCT/EP2014/052459 patent/WO2015117667A1/fr active Application Filing
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US12063592B2 (en) | User plane system selection based on latency | |
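JP6632676B2 (ja) | Methods, systems, and computer-readable media for delivering policy rules to the mobile edge | |
JP5977882B2 (ja) | Network-controlled adaptive terminal behavior for managing high network load scenarios | |
JP5890527B2 (ja) | Systems and methods for traffic detection network control | |
JP2022509188A (ja) | User access control method, information transmission method, and apparatus | |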
US9088904B2 (en) | Bundled charging for over-the-top and hosted services in IP wireless networks | |
US9860136B2 (en) | Providing network congestion information to mobile devices for sponsored data | |
US10721151B2 (en) | Method for locating a bottleneck in a radio communication network | |
EP3687135B1 (fr) | Device monitoring, and deregistration method and apparatus | |
US11751023B2 (en) | Charging function fallback | |
US10027448B2 (en) | Methods of adapting codec data rate based on radio condition to improve LTE service coverage and capacity | |
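JP2014511090A (ja) | Intelligent congestion presence notification service | |
JP2017526291A (ja) | Wireless network access control method, apparatus, and system | |
CN104219788A (zh) | Access method and apparatus for an Internet of Things terminal | |
WO2016061788A1 (fr) | Telecommunication method and system | |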
US9426688B2 (en) | Determining a frequency for a client device to use to connect to a network | |
WO2019015755A1 (fr) | Methods and nodes for providing or selecting a user traffic node | |
US9380462B1 (en) | Detecting unauthorized tethering | |
WO2015117667A1 (fr) | Handling access to a service on a server in a communications network | |
US8918843B1 (en) | Detecting unauthorized tethering | |
US20160095059A1 (en) | Methods and systems for improving wireless network capacity | |
EP3895469A1 (fr) | Handling of secondary RAT data usage for a UE | |
WO2021233375A1 (fr) | IP address allocation in a wireless communication network | |
US9191805B2 (en) | Connecting devices to a policy charging rules function device | |
JP2016149619A (ja) | Wireless communication system, policy control apparatus, and communication control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14703365 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14703365 Country of ref document: EP Kind code of ref document: A1 |