Search

EP-4740416-A1 - SYSTEM AND METHOD OF CACHING DNS RESPONSES FOR APPLICATION DETECTION

EP4740416A1EP 4740416 A1EP4740416 A1EP 4740416A1EP-4740416-A1

Abstract

The present invention relates to a system (125) and method (500) for caching DNS responses in a User Plane Function (UPF) (210) to enhance application detection. The method includes the step of establishing a connection with User Equipments (UEs) (110) and DNS units (220). The method includes the step of receiving at least one domain access request from the plurality of UEs (110). The method further includes the step of determining a destination Internet Protocol (IP) address of the at least one data packet by raising a first set of DNS queries to the plurality of DNS units (220). The method further includes the step of caching one or more responses received from the plurality of DNS units (220) in a DNS cache unit (230). By doing so, the system (125) and method (500) optimizes network traffic processing, improves performance, and enhances the user experience in application detection.

Inventors

  • BHATNAGAR, AAYUSH
  • JHA, ADITYAKAR
  • Ranjan, Anu
  • MALHOTRA, PANKAJ
  • Sengupta, Swarup
  • Mamgain, Ranjan
  • VASHISHTH, Yog

Assignees

  • Jio Platforms Limited

Dates

Publication Date
20260513
Application Date
20240627

Claims (20)

  1. 1. A method (500) of caching Domain Name Sever (DNS) responses for application detection, the method (500) comprising the steps of: establishing (505), by a User Plane Function (UPF) unit (210), a connection with a plurality of User Equipments (UEs) (110) and a plurality of DNS units (220); receiving (510), by the UPF unit (210), at least one domain access request from at least one of the plurality of UEs (110), wherein the least one domain access request includes information of at least one data packet; determining (515), by the UPF unit (210), a destination Internet Protocol (IP) address of the at least one data packet pertaining to the at least one domain access request, by raising a first set of DNS queries to the plurality of DNS units (220), wherein the first set of DNS queries are generated by the UPF unit (210); and caching (520), by the UPF unit (210), one or more responses received from the plurality of DNS units (220) pertaining to the first set of DNS queries in a DNS cache unit (230), wherein the one or more responses pertain to a domain name corresponding to the destination IP address of the at least one data packet.
  2. 2. The method (500) as claimed in claim 1, wherein the UPF unit (210) is connected with the plurality of UEs (110) and the plurality of DNS units (230) via a first interface unit (240) and a second interface unit (250), respectively.
  3. 3. The method (500) as claimed in claim 1 , wherein, upon receiving the at least one domain access request, the UPF unit (210) is configured to detect an application by utilizing the domain name corresponding to the destination IP address of the at least one data packet pertaining to the at least one domain access request stored in the DNS cache unit (230).
  4. 4. The method (500) as claimed in claim 1, wherein the UPF unit (210) is configured to raise a second set of DNS queries to update the DNS cache unit (230), wherein the second set of DNS queries are directed towards a set of plurality of known applications registered in the plurality of DNS units (220).
  5. 5. The method (500) as claimed in claim 4, wherein the UPF unit (210) is configured to cache responses to the second set of DNS queries in the DNS cache unit (230).
  6. 6. The method (500) as claimed in claim 1, wherein the UPF unit (210) is configured to retain information in the DNS cache unit (230) for a pre-defined time period before updating the DNS cache unit (230).
  7. 7. The method (500) as claimed in claim 1, wherein the DNS cache unit (230) is maintained in a standby UPF unit (260) as backup in events of a failure or restart.
  8. 8. The method (500) as claimed in claim 1, wherein the one or more responses pertain to the domain name mapped onto the corresponding destination IP address in the plurality of DNS units (220).
  9. 9. The method (500) as claimed in claim 8, wherein the UPF unit (210), retrieves the domain name mapped onto the corresponding destination IP address based on, matching the destination IP address against a domain name to IP address mapping table at the plurality of DNS units (220).
  10. 10. A system (125) for caching domain name sever (DNS) responses for application detection, the system (125) comprising: a plurality of DNS units (220); a User Plane Function (UPF) unit (210) in connection with the plurality of UEs (110) and the plurality of DNS units (220), wherein the UPF unit (210) is configured to: a receiving module (320) is configured to receive, at least one domain access request from at least one of the plurality of UEs (110), wherein the least one domain access request includes information of at least one data packet; a determining module (325) is configured to determine, a destination Internet Protocol (IP) address of the at least one data packet pertaining to the at least one domain access request by raising a first set of DNS queries to the plurality of DNS units (220); and a caching module (330) is configured to cache, one or more responses received from the plurality of DNS units (220) pertaining to the first set of DNS queries in a DNS cache unit (230), wherein the one or more responses pertain to a domain name corresponding to the destination IP address of the at least one data packet.
  11. 11. The system (125) as claimed in claim 10, wherein the UPF unit (210) is connected with the plurality of UEs (110) and the plurality of DNS units (220) via a first interface unit (240) and a second interface unit (250) respectively.
  12. 12. The system (125) as claimed in claim 10, wherein the UPF unit (210) is configured to detect an application by utilizing the domain name corresponding to the destination IP address of the at least one data packet pertaining to the at least one domain access request, stored in the DNS cache unit (230), on receiving at least one domain access request.
  13. 13. The system (125) as claimed in claim 10, wherein the UPF unit (210) is configured to raise a second set of DNS queries to update the DNS cache unit (230), wherein the second set of DNS queries are directed towards a set of plurality of known applications registered in the plurality of DNS units (220).
  14. 14. The system (125) as claimed in claim 13, wherein the UPF unit (210) is configured to cache responses to the second set of DNS queries in the DNS cache unit (230).
  15. 15. The system (125) as claimed in claim 10, wherein the UPF unit (210) is configured to retain information in the DNS cache unit (230) for a pre-defined time period before updating the DNS cache unit (230).
  16. 16. The system (125) as claimed in claim 10, wherein the DNS cache unit (230) is maintained in a standby UPF unit (260) in the event of a failure or restart.
  17. 17. The system (125) as claimed in claim 10, wherein the one or more responses pertain to the domain name mapped onto the corresponding destination IP address in the plurality of DNS units (220).
  18. 18. The system (125) as claimed in claim 17, wherein the UPF unit (210), retrieves the domain name mapped onto the corresponding destination IP address based on, matching the destination IP address against a domain name to IP address mapping table at the plurality of DNS units (220).
  19. 19. A plurality of User Equipment’s (UEs) (110) to communicate with the UPF unit (210), the plurality of UEs (110) comprises of: one or more primary processors (405), having a memory unit (410), communicatively coupled to the UPF unit (210), wherein said memory unit (410) stores instructions which when executed by the one or more primary processors (405) causes the UE (110) to: send, at least one domain access request to the UPF unit (210) for accessing a desired application from a set of plurality of known applications registered in a plurality of DNS unit (220) via the UPF unit (210), wherein the at least one domain access request includes information of at least one data packet; and wherein the UPF unit (210) is further configured to perform the steps as claimed in claim 1.
  20. 20. A non-transitory computer-readable medium having stored thereon computer- readable instructions that, when executed by a processor (305), causes the processor (305) to: establish, by the processor (305), a connection with a plurality of User Equipments (UEs) (110) and a plurality of DNS units (220); receive, by the processor (506), at least one domain access request from at least one of the plurality of UEs (110), wherein the least one domain access request includes information of at least one data packet; determine, by the processor (506), a destination Internet Protocol (IP) address of the at least one data packet pertaining to the at least one domain access request, by raising a first set of DNS queries to the plurality of DNS units (220), wherein the first set of DNS queries are generated by the UPF unit (210); and cache, by the processor (506), one or more responses received from the plurality of DNS units (220) pertaining to the first set of DNS queries in a DNS cache unit (230), wherein the one or more responses pertain to a domain name corresponding to the destination IP address of the at least one data packet.

Description

SYSTEM AND METHOD OF CACHING DNS RESPONSES FOR APPLICATION DETECTION FIELD OF THE INVENTION [0001] The present invention generally relates to the field of communication networks, and more specifically to a system and method of caching Domain Name Server (DNS) responses for application detection. BACKGROUND OF THE INVENTION [0002] In mobile communication networks, a User Plane Function (UPF) serves as a crucial interconnection point between the mobile infrastructure and the data network. The UPF facilitates the exchange of data packets between the mobile devices and the data network, performing various important functions such as packet processing, data buffering, policy enforcement, quality of service (QoS) enforcement, user plane accounting, lawful interception, and other standard-defined 3rd Generation Partnership Project (3GPP) functionalities. [0003] One of the key tasks of the UPF is to classify incoming packets of a user session based on their application type and apply the appropriate processing rules accordingly. The packet classification process involves identifying different types of traffic associated with a specific user session and mapping it to different processing legs based on the associated rules. This enables efficient handling and management of network traffic, ensuring optimized network performance and resource allocation. [0004] Conventionally, application detection for domain level entries in the UPF is performed through layer 3 application detection based on IP validation, where an IP database storing IP addresses corresponding to domain names and URLs configured for Application Detection Function (ADF) is maintained. Uplink packets' destination IP addresses are searched in this IP database to identify the corresponding application. This IP database is built based on DNS sniffing of each DNS packet response generated by the UE and checking for the presence of relevant domains which are configured for ADF. However, this process is computationally intensive and poses performance challenges in packet processing nodes like the UPF, especially when dealing with high volumes of traffic. [0005] Thus, there is a need of an optimal solution for processing the high volume of DNS packets in time and resource effective manner, and the subsequent CPU consumption for opening and analyzing each packet for relevant domain IP addresses. SUMMARY OF THE INVENTION [0006] One or more embodiments of the present invention provide a system and method of caching Domain Name Server (DNS) responses for application detection. [0007] In accordance with one embodiment, a method of caching DNS responses for application detection is disclosed. The method includes the step of establishing, by a User Plane Function (UPF) unit, a connection with a plurality of User Equipments (UEs) and a plurality of DNS units. Further, the method includes the step of receiving, by the UPF unit, at least one domain access request from at least one of the plurality of UEs. The at least one domain access request includes information of at least one data packet. The method includes the step of determining, by the UPF unit, a destination Internet Protocol (IP) address of the at least one data packet pertaining to the at least one domain access request, by raising a first set of DNS queries to the plurality of DNS units. The first set of DNS queries are generated by the UPF unit. Further, the method further includes the step of caching, by the UPF unit, one or more responses received from the plurality of DNS units pertaining to the first set of DNS queries in a DNS cache unit. The one or more responses pertain to a domain name corresponding to the destination IP address of the at least one data packet. [0008] In one embodiment, the UPF unit is connected with the plurality of UEs and the plurality of DNS units via a first interface unit and a second interface unit, respectively. [0009] In another embodiment, the method includes upon receiving the at least one domain access request, the UPF unit is configured to detect an application by utilizing the domain name corresponding to the destination IP address of the at least one data packet pertaining to the at least one domain access request stored in the DNS cache unit. [0010] In yet another embodiment, the method includes the step of raising a second set of DNS queries to the plurality of DNS units by the UPF unit. [0011] In yet another embodiment, the method includes the step of raising a second set of DNS queries to update the DNS cache unit by the UPF unit. The second set of DNS queries are directed towards a set of plurality of known applications registered in the plurality of DNS units. [0012] In yet another embodiment, the method includes the step of caching responses to the second set of DNS queries in the DNS cache unit by the UPF unit. [0013] In yet another embodiment, the method includes the step of retaining information in the DNS cache unit for a pre -defined time period befor