Domain Names and IP Addresses

Computers do not communicate with each other by name but by number. As a simple example, assume Alice's computer is #1, Bob's is #2, and Sam's is #3, and that computer #1 is sending a message to #2. Either the delivery mechanism must ensure the message reaches only #2 and not #3, or, if #3 does receive the message, it must ignore it because it was not addressed to it.

While our Alice and Bob are fictional, human beings do not address each other as #1 and #2 but as Alice and Bob. So when Alice uses a computer to speak with Bob, some underlying technique must translate Alice to #1 and Bob to #2 so that the computers, and therefore the people, can communicate. In our computer world Alice and Bob use a human-friendly domain name, and the DNS translates domain names into the computer-friendly numeric identifier, the IP address.

Internet Protocol (IP) addresses are 32-bit numbers, giving a bit over 4 billion possibilities. They are typically written in a form that makes it clear this is an IP address, for example 127.0.0.1 or 10.23.45.67. These are version 4 addresses, or IPv4. Version 6, or IPv6, uses a 128-bit number to massively expand the number of possible addresses, but for our review it works essentially the same way.

Until the late 1970s a single file listed the name and corresponding address of every computer. With typical data rates still only about 2400 bits per second and the file growing, a new method of managing the name-to-IP relationship had to be found. In the early 1980s the Domain Name System was born.

A tree structure was defined with a single root and, beneath it, a limited number of Top Level Domains (TLDs). Each TLD has Second Level Domains (SLDs), which in turn can have third, fourth, or further levels.

The primary users were each assigned a TLD, such as “MIL” for the US military. Considering that most of the funding came from the military via the Defense Advanced Research Projects Agency (DARPA), they had, and continue to have, their own TLD.

It is worth noting that DARPA was formerly known as ARPA, so you will frequently see mentions of ARPA or ARPANET. A reverse DNS lookup returns a name ending in “in-addr.arpa” (Internet Address ARPA), which shows this ARPA legacy.

Other early TLDs included “COM”, “EDU”, “GOV”, “NET”, and “ORG”.

Two-letter TLDs were reserved as country codes. Examples are “US”, “UK”, “CA”, “AU”, and “NZ”, whose countries are collectively known as the “Five Eyes”.
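The points above (an address is really a 32-bit number, a name is a path down a tree from the root through the TLD and SLD, and a reverse lookup uses a name under in-addr.arpa) can be made concrete in a few lines. The following is an added example written for this page, not code from the original article or from ShofarNexus; it uses the article's Alice.Example.com and 10.1.1.1 as constructed sample values, performs no network lookups, and applies the reverse-name rule to IPv6 as well (nibbles under ip6.arpa), which goes slightly beyond what the article spells out.

```python
import ipaddress

# Constructed sample values for this example, taken from the article's scenario:
# Alice.Example.com at 10.1.1.1. Nothing here sends a DNS query.

DNS_LABEL_MAX = 63   # longest single label allowed by DNS (RFC 1035)
DNS_NAME_MAX = 253   # longest full name in text form, without the trailing dot


def ipv4_to_int(text: str) -> int:
    """Turn the human-readable dotted quad into the 32-bit number the computer uses."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted quad: {text!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        value = (value << 8) | int(part)
    return value


def int_to_ipv4(value: int) -> str:
    """Inverse of ipv4_to_int: write the 32-bit number back as a dotted quad."""
    if not 0 <= value < 2**32:
        raise ValueError("IPv4 addresses are 32-bit numbers")
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def domain_hierarchy(name: str) -> list[str]:
    """Return the labels of a name from the top of the tree down, e.g.
    'Alice.Example.com' -> ['com', 'example', 'alice'] (TLD, SLD, third level).
    The root is the implicit empty label above the TLD; a trailing dot naming it
    is accepted. DNS names are case-insensitive, so labels are lowercased."""
    stripped = name.rstrip(".").lower()
    if len(stripped) > DNS_NAME_MAX:
        raise ValueError("name too long")
    labels = stripped.split(".")
    for label in labels:
        if not label or len(label) > DNS_LABEL_MAX:
            raise ValueError(f"invalid label {label!r} in {name!r}")
    return labels[::-1]


def reverse_name(ip_text: str) -> str:
    """Build the name a reverse lookup queries: octets reversed under in-addr.arpa
    for IPv4, and hex nibbles reversed under ip6.arpa for IPv6 (the same idea
    applied to a 128-bit number)."""
    addr = ipaddress.ip_address(ip_text)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = format(int(addr), "032x")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


if __name__ == "__main__":
    number = ipv4_to_int("10.1.1.1")
    print(f"10.1.1.1 is the number {number} (0x{number:08x}); back again: {int_to_ipv4(number)}")
    print("Alice.Example.com from the root down:", domain_hierarchy("Alice.Example.com"))
    print("reverse name for 10.1.1.1:", reverse_name("10.1.1.1"))
    print("reverse name for 2001:db8::1:", reverse_name("2001:db8::1"))
```

The label and name length limits come from the DNS specification (RFC 1035); rejecting over-long or empty labels before a name is used is the same check a resolver performs on input it receives.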

When Alice’s computer wants to communicate with Bob’s computer, it must “resolve” Bob’s domain name into an IP address. There are multiple ways this can occur, but in every case the work is done by a program, the resolver, that exists on essentially every computer that communicates via domain names.

Let’s consider how this domain resolution can occur, assuming Alice’s computer has the domain name Alice.Example.com with IP address 10.1.1.1, and Bob’s computer is Bob.Example.org with IP address 10.2.2.2.

ShofarNexus™ ● ShofarNexus.comShofarNexus.Shofar
