Location and the Internet – a technical perspective (part 2)

In part 1 of this article I looked at how location information can be deduced from IP addresses, and how data travels across the Internet using a protocol called TCP/IP.1

The information in part 1 is critical to understanding how the Internet works. It does not, however, fully address the CNIL's comment2 that, in respect of domain names:

Geographical extensions are only paths giving access to the processing operation.

The "Geographical extensions" to which CNIL refers are those found in domain names, for example .fr for France or .uk for the United Kingdom.

What are domain names?

Domain names are the memorable, alphanumeric names that have become a familiar part of the way that we use the Internet.

The Domain Name System ("DNS") is the globally distributed technology behind domain names.3

DNS operates using the DNS protocol.4 The DNS protocol maps fully qualified domain names to IP addresses.5

"Fully qualified" means that the domain name includes:

  1. The top-level domain name ("TLD"); this is a generic TLD like .com, or a country-code TLD like .uk. (In fact, country-code TLDs are often accompanied by a second-level sub-domain such as .co, i.e. .co.uk.);

  2. The second-level sub-domain name, which together with the TLD forms the registered domain name (for example .google);

  3. Any subsequent sub-domain names (for example, .bbc). These are typically chosen by the registrant of the domain name, and are recorded in the domain name registrar's DNS servers (see below); and

  4. The hostname of the relevant server or service (for example, www is typically used for web servers). These are determined solely by the registrant and stored by their DNS servers, but not in the domain name registrar's DNS servers (see below).

So, the DNS system maps the fully qualified domain name www.bbc.co.uk to the BBC's webserver.

How does DNS work?

When a user enters a URL6 such as http://www.bbc.co.uk/ into a web browser7, that URL gives the user's computer enough information to:

  1. access the DNS system to request the IP address for www.bbc.co.uk8; and

  2. connect to the webserver at that IP address, and ask for the resource provided at that URL (in this example, the BBC's website).

Creating a path

The path across the Internet to that webserver can be determined as set out in part 1 of this article, as follows:

Plot to www.bbc.co.uk9

In this context, DNS is therefore a mapping tool that helps to locate resources on the Internet, by translating a 'friendly' domain name into a 'techie' IP address.10

DNS records

The mapping is performed using DNS servers configured with DNS records. The precise mapping of DNS records to IP addresses is a technical process which is up to each individual domain name registrant.

The following image shows an example of a DNS record.11 The record (a simple text file) lists each hostname (ns1, www, ftp...) in the domain name (somefakedomain.com) against an IP address (192.168.1.200):

Example of a Bind DNS record

The file is read by the DNS server, which then responds to requests for an IP address which corresponds with the requested domain name.

Practical conclusion

Therefore, theoretically, anyone who controls a registered domain name (no matter what the top level domain name is - i.e. whether it's .com, .co.uk, .fr or otherwise) can create a fully qualified domain name under that registered domain name to point to the IP address of any server anywhere in the world by creating a mapping in this manner.

Data will then travel to that IP address as set out in part 1 of this article.

Domain names do not correspond to physical location, unless they are deliberately mapped in that way. Domain name owners are free to map .com. domain names to servers in Europe, and .co.uk. or .fr. domain names to servers in the USA, or any combination of any domain name and location.
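The zone-file lookup described under "DNS records", together with the point above that a name under any TLD can map to any address, shown as an added example that is not from the original article: a simplified parser for BIND-style records. The somefakedomain.com entries follow the values given in the text; the example.fr zone, the 203.0.113.10 documentation address and the function names are constructed assumptions.

```python
# Constructed sample zones in BIND master-file syntax (simplified: every record
# line carries an owner name, and no per-record TTL column is used).
ZONES = {
    "somefakedomain.com.": """\
$TTL 86400
@     IN NS ns1
ns1   IN A  192.168.1.200
www   IN A  192.168.1.200
ftp   IN A  192.168.1.200
""",
    "example.fr.": """\
$TTL 3600
@     IN NS ns1.example.net.   ; a name ending in '.' is already fully qualified
www   IN A  203.0.113.10       ; documentation address; the host could be anywhere
""",
}

def qualify(name, origin):
    """Expand '@' and relative owner names against the zone origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(origin, text):
    """Return {(fqdn, rtype): [rdata, ...]} for a simplified master file."""
    records = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()    # drop comments
        if not line or line.startswith("$"):   # skip blanks and $TTL-style directives
            continue
        fields = line.split()
        owner, rest = fields[0], fields[1:]
        if rest and rest[0].upper() == "IN":   # the class column is optional
            rest = rest[1:]
        rtype, rdata = rest[0].upper(), " ".join(rest[1:])
        records.setdefault((qualify(owner, origin), rtype), []).append(rdata)
    return records

def resolve(fqdn, rtype="A"):
    """Answer from the zone whose origin is the longest suffix of the name."""
    name = fqdn.lower().rstrip(".") + "."
    for origin in sorted(ZONES, key=len, reverse=True):
        if name == origin or name.endswith("." + origin):
            return parse_zone(origin, ZONES[origin]).get((name, rtype), [])
    return []  # this server holds no zone for the name
```

The answer for www.example.fr depends only on what the registrant wrote in the zone, so the .fr suffix says nothing about where 203.0.113.10 is hosted.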

This article has covered only the basics of how data is routed and processed on the internet. Modern web services are architected such that the IP address to which the web-server resolves is merely the tip of the iceberg of data processing operations.

  1. See http://chrisjames.uk/location-and-the-internet-pt1

  2. http://www.cnil.fr/english/news-and-events/news/article/right-to-delisting-google-informal-appeal-rejected/

  3. http://www.windowsnetworking.com/articles-tutorials/network-protocols/Understanding-DNS-Protocol-Part1.html

  4. DNS is a decentralised service in the main, but it does rely on twelve 'root' servers. For an interesting insight into how these are governed, read http://www.theguardian.com/technology/2014/feb/28/seven-people-keys-worldwide-internet-security-web

  5. https://en.wikipedia.org/wiki/Fully_qualified_domain_name

  6. Universal Resource Locator. This includes the fully qualified domain name (www.bbc.co.uk), a means of accessing it (http:// i.e. hypertext transfer protocol), and the location of the resource requested (in this case the trailing '/' - which is requesting the index page).

  7. The World Wide Web (aka the 'Web') is just one service of many running on the Internet. The Web is not the same thing as the Internet.

  8. DNS specialist Dyn.com has a nice write up of how this works at http://dyn.com/blog/dns-why-its-important-how-it-works/

  9. This is the output from my favourite traceroute tool, Pingplotter, which provides a GUI equivalent of the command line traceroute tool that I covered in part 1.

  10. Pingdom has a nice diagram of the process at http://royal.pingdom.com/2009/06/08/a-visual-explanation-of-how-dns-lookups-work/.

  11. Courtesy of http://www.xenocafe.com/tutorials/dnslinux/redhat/dnslinux_redhat-part3.php.