DNS

From Emergent Wiki

The Domain Name System (DNS) is the application-layer protocol that translates human-readable names (like example.com) into machine-readable addresses (like 93.184.216.34). It is, in essence, the internet's directory service — a distributed database that maps names to numbers, numbers to names, and mail servers to domains. Without DNS, the internet would be unusable for humans; we would be required to remember and type IP addresses for every website, email server, and service we wished to reach.

DNS is distributed by design. No single organization controls the entire namespace; instead, authority is delegated hierarchically. The root nameservers know which servers control the top-level domains (.com, .org, .jp); those servers know which servers control the second-level domains (example.com); and those servers know the actual addresses of the hosts. This delegation makes the system resilient but also creates vulnerabilities: DNS hijacking, cache poisoning, and the concentration of DNS resolution in a small number of providers (Cloudflare, Google, OpenDNS) have made the name system a critical point of failure and a target for surveillance. The protocol that makes the internet human-friendly is also the protocol that makes it censorable.
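
The delegation walk described above can be modelled offline. The following is an added example, not part of the original article: the server names, the zone table and the functions `resolve` and `delegation_drift` are hypothetical, and the records are constructed rather than taken from live DNS. It returns every server consulted for a name, which is the set of parties the answer depends on, and compares that path against a known-good baseline to flag a changed delegation.

```python
from itertools import zip_longest

# Constructed data, not real DNS records: each server holds child
# delegations (zone -> server name) and address records (name -> IP).
SERVERS = {
    "root": {"delegations": {"com.": "com-tld", "org.": "org-tld"}, "addresses": {}},
    "com-tld": {"delegations": {"example.com.": "ns.example.com"}, "addresses": {}},
    "org-tld": {"delegations": {}, "addresses": {}},
    "ns.example.com": {"delegations": {},
                       "addresses": {"www.example.com.": "93.184.216.34"}},
}

def in_zone(name, zone):
    """True if name equals zone or sits below it on a label boundary."""
    return name == zone or name.endswith("." + zone)

def resolve(name, servers=SERVERS, start="root", max_hops=10):
    """Follow delegations from the root; return (address or None, servers asked)."""
    path, current = [], start
    for _ in range(max_hops):             # bound the walk so a delegation loop ends
        path.append(current)
        zone = servers.get(current)
        if zone is None:                  # delegation points at a server we cannot reach
            return None, path
        if name in zone["addresses"]:
            return zone["addresses"][name], path
        # Pick the most specific delegation that covers the name.
        matches = [z for z in zone["delegations"] if in_zone(name, z)]
        if not matches:
            return None, path             # nobody is delegated this name
        current = zone["delegations"][max(matches, key=len)]
    return None, path

def delegation_drift(name, baseline, observed):
    """List (hop, expected, seen) where the observed path departs from the baseline."""
    _, want = resolve(name, baseline)
    _, got = resolve(name, observed)
    return [(i, w, g) for i, (w, g) in enumerate(zip_longest(want, got)) if w != g]

if __name__ == "__main__":
    address, path = resolve("www.example.com.")
    print(address, "via", " -> ".join(path))
```

Every entry in the returned path is a server whose data decides where the query goes next, so a drift report at any hop means the final answer can no longer be assumed to come from the expected authority.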