Hello fellow Lemmings! I hope this is the right place to ask this. I don’t understand how web domains work. Let’s say I want to buy the domain “abcdefghi.net”. I can go to a domain provider like haruba or GoDaddy and just buy it. But how can they, a private company, sell me these domains? I’m not talking about the hosting, but just the domain. Where do they register this domain I’m buying? Isn’t it possible to register it myself instead of paying these services to do it for me?
When you buy a domain, you buy the right to (among other things) edit the address book for that domain, also known as DNS zones.
Once you buy the domain, for example, you can tell your domain provider “I want example.com to point to the IP address 1.2.3.4”.
Most importantly, the domain provider has been given the rights to sell these domains by ICANN, who manages what is known as the “root DNS servers”.
When a computer has no idea who to contact to resolve a domain, it contacts the root DNS servers first, and these tell it to check the entries of the domain provider. It all trickles down from there. If the domain provider wasn’t approved by ICANN, then their root DNS servers would never point to them.
In reality there are more organizations involved, including resellers, registrars and registries. But they all follow the same principle and create a chain of linked address books (DNS zones) that flow from the root DNS servers.
There is nothing stopping you from setting up your own domain system. You can get all the domains you want for free, but no other computer would be able to access them because by default the convention is to trust only the ICANN DNS servers.
If you use Windows, Google “hosts file”. In that file you can enter any domain you want and an associated IP address, and your computer will comply with it. You could even have google.com point to your own homepage, but of course that would only be your computer.
By the way, if you hear about DNS servers like Google’s 8.8.8.8 or Cloudflare’s 1.1.1.1, these are not the root DNS servers. These are called “resolvers”, and they are the ones that talk to the root DNS zones and cache their response so that it can be resolved faster instead of having to go down the whole chain every time.
Thanks for the super answer! I understand now!
Technically the root DNS servers are the ones hosting com, net, org, … and the country top-level domains, and registrars sell you domains under those, which can have their own set of DNS servers.
It is not just a matter of only trusting those. There is also no real way to check multiple DNS servers for a single domain and combine the results in a meaningful way. Some systems allow you to configure that requests for specific domains and all their subdomains use a different DNS server for lookups and another DNS server for everything else, and of course you can configure multiple servers for redundancy, and your system will use one at random or use one when the other is not reachable, but you can’t really configure two DNS servers with different views of domains and expect the results to magically combine as needed.
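The lookup chain described in the first answer (hosts file, caching resolver, root, registry, provider), as an added toy model that is not code from any poster in this thread. The server names `net-registry` and `provider-ns`, the zone contents and the sample hosts entries are all constructed, and the hosts-file check is folded into the resolver class for brevity.

```python
# Constructed "address books": each server either delegates onward or holds records.
ZONES = {
    "root":         {"delegate": {"net": "net-registry"}},
    "net-registry": {"delegate": {"abcdefghi.net": "provider-ns"}},
    "provider-ns":  {"records": {"abcdefghi.net": "1.2.3.4", "www.abcdefghi.net": "1.2.3.5"}},
}

def parse_hosts(text):
    """Parse hosts-file text ("IP name [alias...]", '#' comments) into {name: ip}."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])  # first matching entry wins
    return table

def suffixes(name):
    """'www.abcdefghi.net' -> ['www.abcdefghi.net', 'abcdefghi.net', 'net']"""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

class Resolver:
    """Stands in for a resolver such as 8.8.8.8: walks the chain once, then caches."""
    def __init__(self, hosts_text=""):
        self.hosts = parse_hosts(hosts_text)
        self.cache = {}
        self.trace = []  # servers actually asked, in order

    def resolve(self, name):
        name = name.lower().rstrip(".")
        if name in self.hosts:   # local override: only this machine ever sees it
            return self.hosts[name]
        if name in self.cache:   # answered before, no need to walk the chain again
            return self.cache[name]
        server = "root"
        while True:
            self.trace.append(server)
            zone = ZONES[server]
            if name in zone.get("records", {}):
                self.cache[name] = zone["records"][name]
                return self.cache[name]
            # Follow the most specific delegation this server knows about.
            nxt = next((zone["delegate"][s] for s in suffixes(name)
                        if s in zone.get("delegate", {})), None)
            if nxt is None:
                return None      # nothing in the chain points to this name
            server = nxt
```

A name that no server delegates (a self-invented domain) stops at the root with no answer, while a hosts-file entry is returned without any server being asked.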