Ever wondered how the internet knows where to take you when you type in a web address? Today, I dove into the fascinating world of DNS (Domain Name System) and uncovered not just how domains work but also who controls them, how you can buy one, and whether you can own a top-level domain (like .com).
Spoiler alert: it’s not as straightforward as you’d hope, but it’s definitely worth exploring!
The process of “owning” a domain name
Owning a domain name might sound like claiming a piece of digital real estate, but it’s a bit more like renting. Let’s break it down into the key players who make this process work.
Let’s start at the place where it all begins for most of us: the registrar.
Visit a Domain Registrar
A domain registrar (like Porkbun, GoDaddy, or Namecheap) is where I go to buy my domain. These platforms are like online marketplaces where you search for and purchase domain names. When you find a domain you like (e.g., prashants.in) and pay the yearly fee (around $10–15), the registrar handles everything behind the scenes to make it yours. They:
- Keep some money as their service fee
- Pay the registry to add my domain to their database
- Provide me with tools to manage my domain settings
Domain Registry Steps in
Once you pay the registrar, your domain details are sent to the registry that manages your domain’s TLD (Top-Level Domain).
A domain registry is the entity that operates the domains for a Top-Level Domain (TLD). For example, VeriSign operates all .com and .net TLDs. For .in, it’s NIXI (National Internet Exchange of India).
The registry’s job is to maintain a master database of all domains under their TLD and ensure they’re always accessible. They don’t own the TLD—they just manage it, much like a property manager looks after a building.
For example, when I bought prashants.in, I paid Porkbun, who then sent my information to NIXI and paid them their share.
ICANN – the digital landlord
The Internet Corporation for Assigned Names and Numbers (ICANN) is the authority over all TLDs used on the Internet. They oversee all the Top-Level Domains (TLDs), like .com, .org, and .in. While they don’t manage these TLDs directly, they delegate the responsibility of operating these TLDs to various organizations. When I register a domain, a small portion of my payment goes to ICANN to help fund their operations.
TL;DR: ICANN oversees all domain names and delegates the management of TLDs (like .com or .in) to registries, who maintain the master database for their TLDs. Registrars, like Porkbun or GoDaddy, act as storefronts where you can buy a domain. When you register a domain, your payment is split between the registrar (for their services), the registry (for managing the TLD), and ICANN (to keep the global system running).
Owning your own TLD
I know that’s what you’re thinking.
What if you want to create a registry and handle all the domain registrations for .sengar? Can you let people buy domains for the .sengar TLD from you?
Yes, you can!
Assuming that the TLD is not already taken, you can file an application with ICANN asking them to let you operate .sengar.
The only problem is that it is extremely expensive to do so. There is a very hefty application fee, then the cost to run and maintain the servers. Then there are the rest of the business operating costs – legal, accounting, and everything else.
There are some private corporations that have purchased some TLDs. Like the .google TLD which is operated by Alphabet Inc (parent company of Google) or the .sbi TLD which is operated by the State Bank of India (the largest bank in India).
But this is in case you want to register with ICANN. Who are they? Why do they think they own the internet? What if you don’t want to be accredited with ICANN and operate your own TLD?
You can do that – but there is a problem.
Understanding Domain Name Resolution
When you type prashants.in into your browser, your computer needs to find its IP address – similar to looking up a friend’s physical address to visit them. This process is called domain name resolution, and it works like a chain of referrals. Let’s follow the journey:
- Your Initial Request
When you type prashants.in, your browser needs to convert this human-readable name into an IP address. It’s like asking “Where can I find prashants.in?” - The First Stop: Your DNS Resolver
Think of your DNS resolver as your local guide. It’s usually provided by your ISP (like Airtel or Vodafone), though you can choose others like Google (8.8.8.8) or Cloudflare (1.1.1.1). The resolver starts the search on your behalf. - The Root Nameservers: The Global Directory
Your resolver first contacts one of the 13 root nameservers. These servers are like the master directory of the internet. When asked aboutprashants.in, the root server says, “I don’t know the exact address, but I can direct you to the people who manage .in domains.” - The TLD Nameservers: The Country Experts
Next, your resolver contacts the.inTLD nameservers, managed by NIXI (National Internet Exchange of India). It’s like asking the Indian directory specifically aboutprashants.in. The TLD server responds, “I know who managesprashants.in‘s information – let me point you to their nameservers.” - The Authoritative Nameservers: The Final Answer
Finally, your resolver reaches the authoritative nameservers forprashants.in. These servers, managed by your DNS provider (like Cloudflare or AWS Route 53, or your domain registrar), have the actual IP address you’re looking for.
This system works because everyone agrees to use ICANN’s root nameservers as the starting point.
So if you want to open your registry without getting accredited by ICANN, you need to run your own nameserver AND convince all the ISPs and public DNS resolvers to use your root nameserver.
Try doing that.
Alternative Approach
But there is one thing that I can do.
I can run my own recursive nameserver and use it as the default DNS nameserver on my devices. I can configure it to resolve all the .sengar domains to the IPs I provide.
For example, I can make it resolve prashant.sengar to the same IP as prashants.in!
I don’t need to stop at that. I can even make google.com resolve to the same IP as my domain.
But the problem here is that it works only for the devices where I can configure the DNS resolver. That means I can own .sengar TLD but only for my private usage.
This is something that people do – use a non-existent TLD for internal usage. For example, communication in a private network can happen using a domain name (backend_service.my_company_name) rather than using its IP all the time.
There is this blog post about setting up your own DNS server (not affiliated)
Conclusion
The whole global DNS system is a fascinating concept and there are a large number of entities managing the whole internet for us.
There are a lot of things that you can do on the internet but owning a TLD is not one of them (unless you are ultra-rich). But do not let that stop you from creating a private DNS resolver that resolves poopy.snoopy to your sibling’s website.
See more
Checkout Handshake who are building a peer-to-peer network using blockchain technology — like a secure public registry. It aims to replace the ICANN root servers.