
The website is unknown – How DNS works - dbrgn
https://howdns.works/
======
veb
I didn't even know .works TLD was a thing. Feels like the 'market' is
oversaturated with a new one every second. Here's a link to a bunch I didn't
know existed: [https://iwantmyname.com/domains/new-gtld-domain-
extensions](https://iwantmyname.com/domains/new-gtld-domain-extensions)

I did smile when I saw it was by DNSimple, absolutely love using them.

EDIT: I'm not a shill for these guys, but I signed up with them very early on
and their customer service was fantastic. What made me become a (hopefully)
life-long customer was when I emailed them to say that as a result of a
botched cochlear implant surgery leaving me very sick, and out of work I could
no longer pay my plan -- and they actually offered to help pay all my services
I had with them until I was back on my feet! It was a small token on their
behalf but so appreciated by me (but I asked a friend to meet the repayments
instead to try maintain some self dignity). I just thought I should share this
wee story!

~~~
snug
Full list here

[https://publicsuffix.org/list/effective_tld_names.dat](https://publicsuffix.org/list/effective_tld_names.dat)

~~~
weppos
The PSL has a quite different meaning, this list is enhanced with a lot of
suffixes that are not actually TLDs. You may want to refer to
[https://github.com/weppos/ianawhois](https://github.com/weppos/ianawhois)
instead.

DISCLAIMER: I'm both a maintainer of the Mozilla PSL and the linked GitHub
repo.

------
htor
How servers work: [https://xkcd.com/869/](https://xkcd.com/869/)

------
aroch
As it turns out, one of the referenced sites exist:

[http://zone.vision](http://zone.vision)

[http://zone.vision/#/news.ycombinator.com](http://zone.vision/#/news.ycombinator.com)

~~~
aeden
Yep, this is another tool we built to help troubleshoot zone issues. We also
use it to provide data for some parts of the DNSimple UI since zone.vision has
an underlying API ([http://api.zone.vision/](http://api.zone.vision/))

------
Blahah
So, according to this the .COM TLD server, when asked to resolve dnsimple.com,
would say 'ask ns1.dnsimple.com'? That still requires resolving dnsimple.com,
which seems circular. Surely the .COM TLD server would give the IP address of
the authoritative name servers for the domain?

~~~
schoen
Yep, it would.

[https://en.wikipedia.org/wiki/Domain_Name_System#Circular_de...](https://en.wikipedia.org/wiki/Domain_Name_System#Circular_dependencies_and_glue_records)

~~~
Blahah
Thanks! They should really add this to the guide, because it's a confusing
step at the moment.

------
AndyMcConachie
"The management duty of most top-level domains (TLDs) belong to the Internet
Corporation for Assigned Names and Numbers (ICANN)"

This is not a true statement. Each TLD is controlled by its respective
registry, which is certainly not ICANN.

~~~
pbreit
Perhaps "manage" vs "control"?

~~~
AndyMcConachie
ICANN doesn't really control TLDs either. All ICANN does is grant monopolies.
Once the monopoly is granted they do very little. You could argue they're a
regulator, but they have close to zero enforcement power.

------
talideon
It glosses over glue records, which it really shouldn't.

~~~
0x0
Agreed, I would imagine for someone who doesn't know about glue records, the
"road trip to ns1.dnsimple.com" must be super confusing since it doesn't
explain how to find their location.

~~~
logingone
Ah, I'll confirm that imagining. I'm unfamiliar with glue records. How I've
not encountered them I don't know, and it should possibly concern me. Maybe I
have and have forgotten. Anyway, I was thinking hang on, back to square one,
where do we get the ns ip addresses, we're going to go round in circles.
Thanks for filling in the missing piece.

------
yareally
I always preferred this little illustration for how DNS worked[1]. It's
similar to the linked one, but more minimal and to the point.

I had a 1920x1200 copy around somewhere I used for a desktop background, but
can't find it at the moment.

[1] [http://gdihouston.github.io/intro-programming-
concepts/image...](http://gdihouston.github.io/intro-programming-
concepts/images/how-web-works.png)

------
yc1010
I think the whole DNS mechanism is broken badly

Beside the hundreds of new nonsense TLDs you have domains being taken down for
copyright infringment or dissident suppression, name squatting and of course
domain name frontrunning by registrars

And then there are of course DNS aimed DDOS attacks etc

Something needs to be done (yes I heard of namecoin) since the web as we know
it is getting shittier by the year :(

~~~
simoncion
Front running is more or less fixed by naming and shaming the registrars. I'll
start:

GoDaddy is well known for domain name frontrunning. If you search for the
availability of a domain using their website, they will likely temporarily
register that name, forcing you to use them as a registrar. Use an alternative
like gandi.net or Google Domains.

> ...then there are of course DNS aimed DDOS attacks...

Traffic amplification attacks are possible with protocols that return more
data than one sends to trigger the return.

> Something needs to be done...

Do you, yc1010 have either a specific list of problems with DNS-the-protocol
and/or DNS-the-distributed-name-to-address-mapping-system or a set of proposed
solutions? :)

------
tehchromic
wow. I was not expecting that level of quality! I also did not believe one
could caricature the classes of dns server so accurately.

------
sudhakarssd
This is amazing and innovative. even for me being web developer its difficult
to understand, how dns actually works ;)

------
iamd3vil
Awesome.I sent this to my friend who doesn't know anything about DNS and he
told me this is awesome. I wasn't expecting that.

------
calebm
I love the illustrations :) You should create a series of kids books
explaining such topics, and I'll buy them... for my kids.

------
leuu
It's very nice. I think it needs a summary at the side or something, so we
know where we are.

~~~
sudhakarssd
I agree there should be little more description.

------
jchomali
This is awesome! Thanks for sharing!

~~~
dbrgn
You're welcome, I just stumbled over it on Twitter :)

------
tyrick
Cute. I didn't know nameservers had so much personality.

