Patent classifications
H04L61/58
PREDICTIVE DNS CACHE TO IMPROVE SECURITY AND PERFORMANCE
The present application discloses a method, system, and computer system for predicting responses to DNS queries. The method includes receiving a DNS query comprising a subdomain portion and a root domain portion from a client device, determining whether to obtain target address information corresponding to the DNS from a predictive cache, in response to determining to obtain the target address information from the predictive cache, obtaining the target address information from the predictive cache, and providing the target address information to the client device.
USING A THREAT INTELLIGENCE FRAMEWORK TO POPULATE A RECURSIVE DNS SERVER CACHE
The present application describes systems and methods for populating a DNS cache of a recursive DNS server using information gathered by a threat intelligence system. The threat intelligence system may collect some or all DNS responses from one or more recursive DNS servers as the one or more DNS servers process various received requests. Since the threat intelligence engine has access to this DNS data, the DNS data may be used to seed a DNS cache of a recursive DNS server.
Switch device and communication control method
A switch device for relaying flow data in an in-vehicle network, being equipped with an acquiring section for acquiring correspondence information indicating at least a correspondence relationship among a transmission destination IP address, a transmission source IP address, transmission destination port information, transmission source port information and a transmission destination MAC address and a relay section for acquiring the transmission destination MAC address from the correspondence information on the basis of the transmission destination IP address, the transmission source IP address, the transmission destination port information and the transmission source port information included in a frame that is received by the switch device and constitutes the flow data and for performing transmission processing to transmit the frame including the acquired transmission destination MAC address.
Systems and methods to operate devices with domain name system (DNS) caches
Described embodiments provide systems and methods for invalidating a cache of domain name system (DNS) information based on changes in internet protocol (IP) families. A mobile device having one or more network interfaces configured to communicate over a plurality of networks using a plurality of internet protocol (IP) families is configured to maintain a cache storing DNS information of one or more IP addresses of a first IP family of the plurality of IP families used by the mobile device for a connection to a first network of the plurality of networks. The device can detect a change in the connection of the mobile device from the first network using the first IP family to a second network using a second IP family different from the first IP family and flush at least the DNS information of one or more IP addresses of the first IP family from the cache to prevent use by the mobile device of an IP address that corresponds to an invalid cache entry.
Location Based Medium Access Control Address
A data processing system having an address resolution function for deriving MAC addresses. The set of MACs defined for the devices on the network encode physical position or logical identifier information of those devices. Therefore, each of these MACs is derivable using a mapping function that maps the physical position or logical identifier information supplied by an application to the MAC addresses of the devices on the network. When the protocol processing entity has to send data over the network, it can obtain the MAC address for the destination determined on the basis of the physical position or logical identifier supplied by the application. In this way, since the MACs are derivable on the basis of the physical positions or logical identifiers, the broadcasting of ARP request messages, which would otherwise be required when the protocol processing entity requires the MAC for the destination, may be avoided.
PROACTIVE NOTIFICATION OF WIRELESS CLIENT ADDRESS ROTATION
A network controller provides proactive notification of a wireless client device's address rotation to layer 2 (L2) and/or layer 3 (L3) devices. Traditional methods of device address discovery rely on broadcasting of address queries across a plurality of links until a path to a device having the queried address responds. As device address changes become more frequent in an effort to improve user privacy, traditional methods of address discovery impose a large burden on networks, reducing their performance and efficiency. By proactively propagating address changes to upstream devices, the need for broadcast oriented address discovery techniques is reduced, resulting in improved network performance.
Home or enterprise router-based secure domain name services
There is disclosed in one example a home router, including: a hardware platform including a processor and a memory; a local area network (LAN) interface; a data store including rules for domain name-based services; and instructions encoded within the memory to instruct the processor to: provision a certificate and key pair to provide domain name system (DNS) over hypertext transfer protocol secure (DoH) or DNS over transport layer security (DoT) services; receive on the LAN interface an encrypted DNS request; decrypt the DNS request; query the data store according to the DNS request; receive a rule for the DNS request; and execute the rule.