Domain Name System (DNS) security using process information is provided. An application accessing an internet service using a domain name is determined. Process information associated with the application along with an associated DNS query to identify an IP address associated with the domain name are identified. The process information and the associated DNS query to a DNS security service are sent. An action based on a response from the DNS security service is performed.

A network address assigned a shared designation by a first client computer is received, in a first data format, automatically, at a host computer from the first client computer. The network address is categorized and published. Publishing the network address includes converting the network address into a second data format, receiving, at the host computer, a subscription request from a second client computer, and sending the network address to the second client computer in response to receiving the subscription request.

The present disclosure provides an Internet of Things communication method and apparatus. The method includes: receiving a resource addition request transmitted by a client, where the resource addition request is used to indicate addition of an identification of a reference resource into a collection resource on the first server; performing communication with the reference resource according to an access location of the reference resource and the identification of the reference resource; adding the identification of the reference resource into the collection resource if the communication between the first server and the reference resource is successful. In this way, before adding the reference resource, the first server first performs communication with the reference resource, and adds the identification of the reference resource into the collection resource after determining that the communication between the first server and the reference resource is successful, thereby ensuring the validity of the reference resource.

An apparatus for correcting MAC addresses includes a device port for connecting to a computing device with a colliding MAC address with potential to collide with MAC addresses of other computing devices within a computer network. The apparatus includes a network port for connecting to a network device connected to other computing devices. A reassignment module is configured to assign a non-colliding MAC address in place of the colliding MAC address of the computing device and a replacement module is configured to replace the colliding MAC address of a datagram received on the device port with the non-colliding MAC address and transmit the datagram with the non-colliding MAC address from the network port to the network device, and to replace the non-colliding MAC address of a datagram received on the network port with the colliding MAC address and transmit the datagram with the colliding MAC address to the computing device.

An apparatus and method can include monitoring whether a consumer of a target network receives a resource identifier, a first apiRoot identifying a producer, and a second apiRoot identifying the producer and a producer network. The first apiRoot is for routing a service request to the producer, and the second apiRoot is for routing the service request to the producer if the target network is different from the producer network. The method further comprises identifying the producer network based on the second apiRoot, and deciding whether the target network is different from the producer network. If the target network is not different from the producer network, the service request is sent wherein the resource is identified by the first apiRoot and the identifier. If the target network is different from the producer network, the service request is sent wherein the resource is identified by the second apiRoot and the identifier.

In one embodiment, a domain name system (DNS) server processes a DNS query based on a policy statement that is attached to the DNS query. Upon receiving the DNS query, the DNS server executes one or more commands specified in the policy statement to generate a query state. The query state controls DNS resolution behavior that the DNS server implements as part of processing the DNS query. The DNS server then performs one or more DNS resolution operations based on DNS query and the query state to generate a response. Advantageously, because the semantics of the policy statement are encapsulated within the policy statement, the policy statement enables a client to unambiguously control DNS resolution behavior. By contrast, conventional DNS resolution guidance mechanisms that rely on DNS servers to infer policies based on client data may not reflect the preferences of the clients.

In one embodiment, a domain name system (DNS) server processes a DNS query based on a policy statement that is attached to the DNS query. Upon receiving the DNS query, the DNS server executes one or more commands specified in the policy statement to generate a query state. The query state controls DNS resolution behavior that the DNS server implements as part of processing the DNS query. The DNS server then performs one or more DNS resolution operations based on DNS query and the query state to generate a response. Advantageously, because the semantics of the policy statement are encapsulated within the policy statement, the policy statement enables a client to unambiguously control DNS resolution behavior. By contrast, conventional DNS resolution guidance mechanisms that rely on DNS servers to infer policies based on client data may not reflect the preferences of the clients.

Provisioning a set of tunnel endpoint aliases for a tunnel endpoint. A request is sent from the first tunnel endpoint to the second tunnel endpoint over a control plane of a network to provision the set of tunnel endpoint aliases. The second tunnel endpoint generates the set of tunnel endpoints and sends a response including the set of tunnel endpoint aliases to the first tunnel endpoint over the control plane. The first tunnel endpoint sends network traffic over the network tunnel that includes a tunnel endpoint alias of the set of tunnel endpoint aliases received.

Provisioning a set of tunnel endpoint aliases for a tunnel endpoint. A request is sent from the first tunnel endpoint to the second tunnel endpoint over a control plane of a network to provision the set of tunnel endpoint aliases. The second tunnel endpoint generates the set of tunnel endpoints and sends a response including the set of tunnel endpoint aliases to the first tunnel endpoint over the control plane. The first tunnel endpoint sends network traffic over the network tunnel that includes a tunnel endpoint alias of the set of tunnel endpoint aliases received.

A system and method are provided for routing content requests. On a given server network, content requests comprising a character string may be routed up a hierarchical network topology until a linear chain, corresponding to the character string, is identified. Thus, the content request is forwarded up the hierarchy until an intersecting server network is reached. Then the content request is forwarded down the hierarchy until, along a published linear chain corresponding to the character string, until a content source is reached. Content is provided to the requestor along a reverse path of the content request.