公开(公告)号：US10728133B2

公开(公告)日：2020-07-28

申请号：US16154580

申请日：2018-10-08

Applicant: Amazon Technologies, Inc.

Inventor： Craig Wesley Howard ,  Hardeep Singh Uppal

IPC: G06F15/173 ,  H04L12/26 ,  G06F16/957 ,  G06F16/955 ,  H04L29/12

Abstract: Systems and methods for sloppy routing are provided. A client transmits a DNS query corresponding to a requested resource to a content delivery network (CDN) service provider. In some embodiments, the CDN service provider processes the DNS query to determine whether a threshold content delivery bandwidth has been exceeded by data links at cache servers. In other embodiments, additionally or alternatively, the CDN service provider determines whether a content provider has exceeded a threshold network usage that indicates a price at which the CDN service provider to provide content on behalf of the content provider. Using both or either of these thresholds, the CDN service provider can further process the DNS query by providing an alternative resource identifier or a cache IP address, both associated with an alternative POP. In some embodiments, the CDN service provider determines a routing mode for the response to the DNS query.

公开(公告)号：US20200162386A1

公开(公告)日：2020-05-21

申请号：US16219770

申请日：2018-12-13

Applicant: Amazon Technologies, Inc.

Inventor： Anton Stephen Radlein ,  Harvo Reyzell Jones ,  Hardeep Singh Uppal ,  Dennis Marinus ,  Dhiraj Gupta

IPC: H04L12/803 ,  H04L12/747 ,  H04L12/721 ,  H04L12/801 ,  H04L12/851 ,  H04L29/12

Abstract: Systems and methods are described to enable the load-balanced use of globalized network addresses, addressable throughout a network to access a network-accessible service. A set of global access points are provided, which advertise availability of the globalized network addresses. On receiving a request to access a network-accessible service, a global access point can select an endpoint for the service from among a number of data centers, based on a desired distribution of traffic among the data centers. The access point then forwards the traffic to the selected endpoint. In one embodiment, the access point applies network address translation to enable the traffic to be routed to the endpoint without terminating a connection at the endpoint. The access point may use a variety of techniques to ensure resiliency of the network and knowledge of available endpoints.

公开(公告)号：US20190222666A1

公开(公告)日：2019-07-18

申请号：US16361012

申请日：2019-03-21

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Matthew Graham Baldwin

IPC: H04L29/08 ,  H04L12/733 ,  H04L29/06 ,  H04L12/751

CPC classification number: H04L45/126 ,  H04L45/02 ,  H04L67/18 ,  H04L67/2842 ,  H04L67/2847 ,  H04L67/327 ,  H04L67/42

Abstract: Systems and methods are described to enable and manage the use of origin-facing points of presence (“POPs”) within a content delivery network (“CDN”). Origin-facing POPs can provide a second-tier caching mechanisms in a CDN, such that cache misses occurring at first-tier POPs may be processed by using information maintained at the origin-facing POPs, rather than requiring interaction with an origin server. Associations between origin-facing POPs and origin servers may be automatically created based on a distance between the respective origin-facing POPs and origin servers, such that an operator of the origin server is not required to specify a location of an origin facing POP. First-tier POPs may selectively retrieve content from origin-facing POPs in instances where the origin-facing POP is expected to provide the content more rapidly than the origin server.

公开(公告)号：US10270878B1

公开(公告)日：2019-04-23

申请号：US14937762

申请日：2015-11-10

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Matthew Graham Baldwin

IPC: H04L29/08 ,  H04L29/06 ,  H04L12/751 ,  H04L12/733

Abstract: Systems and methods are described to enable and manage the use of origin-facing points of presence (“POPs”) within a content delivery network (“CDN”). Origin-facing POPs can provide a second-tier caching mechanisms in a CDN, such that cache misses occurring at first-tier POPs may be processed by using information maintained at the origin-facing POPs, rather than requiring interaction with an origin server. Associations between origin-facing POPs and origin servers may be automatically created based on a distance between the respective origin-facing POPs and origin servers, such that an operator of the origin server is not required to specify a location of an origin facing POP. First-tier POPs may selectively retrieve content from origin-facing POPs in instances where the origin-facing POP is expected to provide the content more rapidly than the origin server.

公开(公告)号：US20180097831A1

公开(公告)日：2018-04-05

申请号：US15389276

申请日：2016-12-22

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Jorge Vasquez ,  Craig Wesley Howard ,  Anton Stephen Radlein

IPC: H04L29/06 ,  H04L12/743 ,  H04L29/12 ,  H04L9/32

CPC classification number: H04L63/1425 ,  H04L9/0643 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3236 ,  H04L9/3247 ,  H04L45/20 ,  H04L45/7453 ,  H04L61/1511 ,  H04L61/6004 ,  H04L61/6059 ,  H04L63/0428 ,  H04L63/1458

Abstract: Systems and methods are described to enable a DNS service to encode information into a network address to be advertised by the DNS service. Information encoded by a DNS service may include, for example, an identifier of a content set to which the network address corresponds (e.g., a domain name) and validity information, such as a digital signature, that verifies the validity of the network address. On receiving a request to communicate with the network address, a destination device associated with the network address may decode the encoded information within the network address to assist in processing the request. In some instances, the encoded information may be used to identify malicious network transmissions, such as transmissions forming part of a network attack, potentially without reliance on other data, such as separate mappings or contents of the data transmission.

公开(公告)号：US20180097634A1

公开(公告)日：2018-04-05

申请号：US15389314

申请日：2016-12-22

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Jorge Vasquez ,  Craig Wesley Howard ,  Anton Stephen Radlein

IPC: H04L9/32 ,  H04L12/743 ,  H04L29/12 ,  H04L12/733 ,  H04L9/06 ,  H04L9/14 ,  H04L9/30

Abstract: Systems and methods are described to enable a DNS service to encode information into a network address to be advertised by the DNS service. Information encoded by a DNS service may include, for example, an identifier of a content set to which the network address corresponds (e.g., a domain name) and validity information, such as a digital signature, that verifies the validity of the network address. On receiving a request to communicate with the network address, a destination device associated with the network address may decode the encoded information within the network address to assist in processing the request. In some instances, the encoded information may be used to identify malicious network transmissions, such as transmissions forming part of a network attack, potentially without reliance on other data, such as separate mappings or contents of the data transmission.

公开(公告)号：US09887932B1

公开(公告)日：2018-02-06

申请号：US14673159

申请日：2015-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Prashanth Acharya ,  Craig Wesley Howard

IPC: H04L12/911 ,  H04L12/917 ,  H04L12/26 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L47/76 ,  H04L43/16 ,  H04L61/1511 ,  H04L67/10 ,  H04L67/1036 ,  H04L67/322

Abstract: A system, method, and computer-readable medium for point of presence (POP) based traffic surge detection and mitigation are provided. The system detects a traffic surge for a target group of resources directed at a source POP based on the target group's rank shifts and volume changes among recent time intervals. The system mitigates the detected traffic surge by identifying destination POPs with spare capacity and routing at least a portion of incoming requests for the target group of resources to the destination POPs in accordance with their spare capacities.

公开(公告)号：US12271276B1

公开(公告)日：2025-04-08

申请号：US18339729

申请日：2023-06-22

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Harvo Reyzell Jones ,  Brad E Marshall ,  Joseph Elmar Magerramov

IPC: G06F11/00 ,  G06F11/07 ,  G06F11/20 ,  H04L12/46 ,  H04L45/28

Abstract: The present disclosure generally relates to a first network device in a primary region that can failover network traffic into a second network device in a failover region. The first network device can receive routing criteria identifying how traffic originating in the primary region should be routed. The first network device can transmit this routing criteria to the second network device in the failover region. Based on determining the occurrence of a failover event, the first network device may transmit network traffic originating in the primary region to the second network device in the failover region. The second network device can determine how to route the network traffic based on the routing criteria of the primary region. In some embodiments, the second network device can determine how to route the network traffic based on the routing criteria of the failover region.

公开(公告)号：US20230164050A1

公开(公告)日：2023-05-25

申请号：US17809814

申请日：2022-06-29

Applicant: Amazon Technologies, Inc.

Inventor： Craig Wesley Howard ,  Hardeep Singh Uppal

IPC: H04L43/0894 ,  H04L43/0876 ,  G06F16/957 ,  G06F16/955 ,  H04L61/4511

CPC classification number: H04L43/0894 ,  H04L43/0876 ,  G06F16/9574 ,  G06F16/9566 ,  H04L61/4511

Abstract: Systems and methods for sloppy routing are provided. A client transmits a DNS query corresponding to a requested resource to a content delivery network (CDN) service provider. In some embodiments, the CDN service provider processes the DNS query to determine whether a threshold content delivery bandwidth has been exceeded by data links at cache servers. In other embodiments, additionally or alternatively, the CDN service provider determines whether a content provider has exceeded a threshold network usage that indicates a price at which the CDN service provider to provide content on behalf of the content provider. Using both or either of these thresholds, the CDN service provider can further process the DNS query by providing an alternative resource identifier or a cache IP address, both associated with an alternative POP. In some embodiments, the CDN service provider determines a routing mode for the response to the DNS query.

公开(公告)号：US11496439B1

公开(公告)日：2022-11-08

申请号：US17210359

申请日：2021-03-23

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Junzhi Wang

IPC: G06F15/16 ,  H04L61/256 ,  H04L61/251 ,  H04L67/01 ,  H04L101/35

Abstract: Systems and methods are described for communications between computing devices via a stateless high-volume network address translation (“NAT”) service. The stateless high-volume NAT service manages high volumes of connections between networks by encoding at least part of the information needed to manage a connection in an encoded IPv6 address, which is then used by a NAT device or application as its sending address when relaying data from a source to a destination. The encoded IPv6 address may contain information such as the IPv4 address of the source, the IPv4 address of the destination, the protocol used to communicate, the source and destination ports, and the like. When the destination sends a response to the encoded IPv6 address, the NAT device decodes the IPv6 address to obtain the encoded information, and then uses that information to deliver the response to the source.