Exploring fully qualified domain name (FQDN) in networking

What is FQDN?

An FQDN is the most basic unit of the hierarchical, word-centric labeling system used to map memorable pieces of language on top of the Internet’s primary resource identifier and addressing system. For example, it is much easier to remember an identifier such as Aviatrix.com or Salesforce.com than a numeric IP address. The Domain Name Service operates in singular fashion for mapping names to these addresses.

Not many folks talk about domain names in terms of whether or not they are “Fully Qualified”; most network engineers just say domain name, but we shall explore for a moment. For a domain name to be fully qualified (let’s say that you bought one, let’s call it VirtualRoutersAreTotallyCool.com), it needs to work. And by working, I mean that when you type the name into the browser, you should get an HTTP 200 response that returns the index.html of your web application. The short answer is that it points to a resource that can be appropriately mapped through the global DNS service, which has been properly informed by your domain name registrar, which in turn supplies an authoritative DNS server with the IP address of your web server.

The naming convention of the FQDN that allows it to locate a resource has three parts: a top-level domain (com, net, org, etc.), a second-level domain (usually referred to as the domain name), and a dot notation separator (which actually represents the root domain of the entire internet). This is the minimum requirement for the DNS naming convention to operate. To create logical separations between different parts of digital assets or web application functions, sub-level domains (usually third-level domains) were instituted as another form of resource identifier within a given hosting filesystem. These require a canonical name record entry to route to an identifier like “login.aviatrix.com”, but they are not necessary for the DNS system to function.

With respect to public cloud services (AWS, Azure, Google) FQDN is often used when referring to filtering. Organizations – either for security reasons or to meet regulatory compliance – often like to inspect and control (egress) traffic leaving their VPC. For example, a business might allow a resource to communicate with another AWS service or with Salesforce.com, but not with other domains.
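The label structure and the egress filtering described above can be combined in one check. This is an added example, not Aviatrix code or part of the original article: it splits a name into its labels and matches it against an allowlist label by label, so that a plain suffix or substring comparison cannot admit an unrelated domain. The allowlist entries, the `*.` wildcard convention and the function names are assumptions made for illustration.

```python
# Added example: hostnames, allowlist entries and function names are constructed.

def split_fqdn(name):
    """Return lowercase labels, e.g. 'Login.Aviatrix.com.' -> ['login', 'aviatrix', 'com'].

    The trailing dot is the root domain; most software lets you omit it,
    so both spellings must normalize to the same label list.
    """
    name = name.strip().lower()
    if name.endswith("."):
        name = name[:-1]
    if not name or len(name) > 253:          # DNS limit on the textual name
        raise ValueError("empty or over-long name")
    labels = name.split(".")
    for label in labels:
        if not 1 <= len(label) <= 63:        # DNS limit per label
            raise ValueError(f"bad label length in {name!r}")
    return labels


def describe(name):
    """Name the parts the article lists: TLD, second-level domain, subdomains."""
    labels = split_fqdn(name)
    if len(labels) < 2:
        raise ValueError("need at least a second-level domain and a TLD")
    return {"tld": labels[-1], "second_level": labels[-2], "subdomains": labels[:-2]}


def is_allowed(host, allowlist):
    """Egress decision: compare whole labels from the right (TLD first).

    'example.com' matches only itself; '*.example.com' matches any name with
    one or more extra labels to the left (an assumed wildcard convention).
    """
    host_labels = split_fqdn(host)
    for rule in allowlist:
        wildcard = rule.startswith("*.")
        rule_labels = split_fqdn(rule[2:] if wildcard else rule)
        n = len(rule_labels)
        if wildcard and len(host_labels) > n and host_labels[-n:] == rule_labels:
            return True
        if not wildcard and host_labels == rule_labels:
            return True
    return False


if __name__ == "__main__":
    allow = ["salesforce.com", "*.salesforce.com", "aviatrix.com"]
    for h in ["login.salesforce.com.", "notsalesforce.com", "salesforce.com.example.net"]:
        print(h, describe(h), "ALLOW" if is_allowed(h, allow) else "DENY")
```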

For the past 25 years, most of the world has been under a spell that makes them think that for the internet to work properly, a ‘www’ is required in the third-level domain position to route packets and render HTML. This is simply not so. The term ‘www’ is simply an old Unix convention for a folder for web content that was considered to be temporary or transient. How it came about exactly, or who put it there, are questions that are better suited to the likes of Linus Torvalds or Sir Tim Berners-Lee.
