1

As far as I know, A fully qualified domain name (FQDN) consists of two parts:

  1. The hostname part: A single label representing a machine belonging to one specific domain.

  2. The domain name part: Multiple labels joined with dots and representing the domain, which is basically a group of machines.

Normally, only with a FQDN can we visit a particular machine on a particular network from outside. We can't do it with only either the hostname part or the domain name part.

For example, the www.google.com FQDN specifies the hostname part as www and the domain name part as google.com. And with this FQDN we can visit a machine in the google.com domain.

It all looked nice until I came across a FQDN which also functioned as a domain name in an experimental environment manually set by others. Here is the procedure I have went through :

  1. I opened Wireshark and started capturing packets.

  2. I visited cool.com using my browser.

  3. The web page was successfully loaded. And Wireshark captured something. It showed that when my local DNS server asked upper level domain name servers the IP address of the cool.com server, it was led to the authoritative name server of the cool.com domain, which was ns.cool.com. And this authoritative name server replied with the IP address of the cool.com server.

    The authoritative name server was shown in a NS type resource record with key cool.com returned by some upper level domain name server. And the IP address of the cool.com server was shown in an A type resource record with key cool.com returned by the authoritative name server, i.e., by ns.cool.com.

    Examining the headers of the HTTP request sent to cool.com later, I made sure my browser was not playing tricks like automatically extending cool.com to www.cool.com. So I was actually paying a visit to cool.com.

My question is, why the cool.com domain name can itself be a FQDN in this case? I hadn't defined the hostname part yet. The boundary between a FQDN and its domain name part seems blur...

Is it up to the network administrator which machine I would end up visiting or something? Thank you so much if anyone gives me an explanation!

gossac
  • 21
  • 1

1 Answers1

3

FQDN doesn't consist of only two parts. It consists of multiple (or even single) labels but should include TLD. In your case www.cool.com, cool.com and com are all domain names (3rd-level domain, 2nd-level domain and top-level-domain AKA TLD) and FQDNs.

The leftmost part of a domain name (www) is a leaf domain, hostname, local part, host part.

At the same time, a hostname isn't defined as a single label. A hostname can be any domain name.

A hostname can be specified as a single label relative to some domain (e.g. host). It can be specified as multiple labels and still relative to some domain (e.g. host.internal-sub-domain). It can be specified with all labels up to TLD and in this case, it is called FQDN (fully-qualified domain name), e.g. host.internal-sub-domain.second-level-domain.tld.

You can access any domain name/hostname with a browser as long as it has an A record and responds to HTTP/HTTPS. There are even some TLDs with A records assigned (eg http://ai/)

AlexD
  • 8,179
  • 2
  • 28
  • 38
  • This is excellent explanation! – Nikita Kipriyanov Dec 16 '21 at 11:23
  • See RFC 8499 for all needs on DNS terminology as it goes into great length to collect and summarize all vocabulary. FQDN is defined there. – Patrick Mevzek Dec 16 '21 at 15:03
  • "with a browser as long as it has an A record" Please don't speak only of the legacy Internet of the last era. Nowadays IPv6 should be the norm, so you can connect to server if it is typically *at least* an IPv4 (`A` record) **OR** IPv6 (`AAAA` record). – Patrick Mevzek Dec 16 '21 at 15:04
  • That explains a lot. Thank you! And by saying "You can access any domain name/hostname with a browser as long as it has an A record and responds to HTTP/HTTPS", do you mean the leaf domain/hostname/local part/host part is optional? In other words, `www.google.com` and `cool.com` are both good FQDNs for accepting HTTP requests (They are good because they match the "as long as" condition cited above) even though `www.google.com` does have host part but `cool.com` doesn't? – gossac Dec 16 '21 at 18:23
  • @gossac The point is that `cool.com` has a (host|local|leaf) part which is `cool`. – AlexD Dec 16 '21 at 18:36
  • @AlexD Then why is it that the A record with key `cool.com` does not reside in the authoritative name server of the `com` domain, but in the authoritative name server of the `cool.com` domain? I can't yet understand its difference with the `www.google.com` FQDN, of which the A record resides in the authoritative name server of the `google.com` domain. Again, thank you for your clarification! – gossac Dec 16 '21 at 23:50
  • @gossac the `A` record resides in `cool.com` zone because this zone is delegated with `NS` records in `com.`. You can delegate `www` the same way (with NS records in `cool.com` zone) and then you'll have an `A` record for `www.cool.com` in `www.cool.com` zone. There is also a case of glue records where you have `A` records in both the authoritative zone and in the parent but I'll skip it to avoid confusion. – AlexD Dec 17 '21 at 07:31
  • Finally clear. Thank you! – gossac Dec 17 '21 at 18:54