Why doesn’t every computer have 256 char domain name, along with a private key to prove it is the sole owner of the address?
Edits: For those technically inclined: Stuff like DHCP seems unnecessary if every device has a serial number based address that’s known not to collide. It seems way more simple and faster than leasing dynamic addresses. On top of that with VOIP I can get phone calls even without cell service, even behind a NAT. Why is the network designed in such a way where that is possible, but I can’t buy a static address that will persist across networks endpoint changes (e.g. laptop connecting to a new unconfigured wifi connection) such that I can initiate a connection to my laptop while it is behind a NAT.
- Yes, it would be a privacy nightmare, I want to know why it didnt turn out that way
- When I say phone number, I mean including area/country code
- AFAIK IP addresses (even static public ones) are not equivlent to phone numbers. I don’t get a new phone number every time I connect to a new cell tower. Even if a static IP is assigned to a device, my understanding is that connecting the device to a new uncontrolled WiFi, especially a router with a NAT, will make it so that people who try to connect to the static IP will simply fail.
- No, MAC addresses are not equivalent phone numbers. 1. Phone numbers have one unique owner, MAC addresses can have many owners because they can be changed at any time to any thing on most laptops. 2. A message can’t be sent directly to a MAC address in the same way as a phone number
- Yes, IMEI is unique, but my laptop doesn’t have one and even if it did its not the same as an eSim or sim card. We can send a message to an activated Sim, we can’t send a message to an IMEI or serial number
This I’m interested in, because its at the edge/limits of my knowledge when it comes to domains and cellular networking.
Are you saying if cell phones had a larger address space, let’s say 32 digits base 10, and every device was given a cell phone number, it would overwhelm the existing infrastructure?
It’s not just the address space, but also the sheer number of lookups.
DNS has authoritative name servers based on tld, and then domain, and then maybe subdomain.
When you’re dealing with IP addresses, there is no such tree that I lookup, I just fire it into the abyss and let the routing hardware do the lookups. I know who my gateway is to the internet, but I usually don’t keep the routing information.
My ISP’s routing hardware then says “this IP was last found somewhere in Europe so I’ll fire it at my European connection and hope they get it right.”
Losses are expected.
IPv6 CAN route with larger address tables, but the “fire and forget” method still exists.
There’s also a method to scream at all my peers “do you know where 5.5.5.5 is, because I don’t know” I’ll remember their answer for a bit because that’s useful, but I’ll eventually forget it because I expect it to move. I expect this ip movement because I’m fault tolerant. I might not find the fastest way there, but I’ll find it.
Philosophically, the internet is designed to be fault tolerant and pseudo anonymous. So if 5.5.5.5 is somewhere in Spain and my Spain peer dies, I recognise that the packets are failing and then I start blasting them at England, because my British connection knows all about the Spanish villa and can pass along my messages. I don’t really care where Spain is, I care about who can get my message there and that’s it. It’s too onerous to always keep track of where everyone is, and MOST people on the internet I don’t actually know about because they’re behind a Nat gateway and I don’t care about them. This makes it so I only have to care about edge devices and greatly simplifies my list.
So for example, your laptop isn’t actually on the internet. Your modem/router is, but your laptop doesn’t exist to the internet. When I want to send you a packet, I just send it to your router and let the router handle it. I don’t even know that your laptop exists, and I don’t care.
Well your router will send the data to your laptop instead of your phone because the Nat is keeping track of who requested it and your phone didn’t ask for it. This causes problems because it means that from outside your network, I can’t just connect and send data inside your network unless someone asked for it. So I can’t just call your cell phone unless it reaches out first because I don’t know that your cell phone exists, and even if I did, the router would block it. This is why port forwarding exists, it allows you to have your laptop get ALL data sent to the router on port 12345. I still don’t know about your laptop, but I know that there’s a server on your IP address on port 12345 that I can connect to and request/send data to. Keeping track of all of this just so that I always know where your laptop is requires a fair bit of coordination at many layers.
Ideally it has a domain at a registrar that I can ask about where it currently is. The routing is still “fire and forget “ because it simplifies my list of “where every IP is” and even then, I only know about the laptop’s edge connection to the internet and let that edge take care of where to actually send the data so I don’t have to think about it.
In IPv6, Nat works a little different, but it’s still close.
I’m honestly not sure how many mistakes I made, I just kinda brain dumped info, so let me know which pieces don’t make sense.
If I’m understanding correctly, you’re saying that right now the network doesn’t have an exhaustive table of IP addresses to physical locations. It has a cache, and a hierarchy, and the path to a location of the IP is fluid.
But a system where every device could be directly contacted/identified like a Sim card, would effectively require a complete table of “what network is device ABC at”. A table that is updated every time the device changes network connections. It would be like trying to change domain name to point to a different IP address.
The problem is, updating a domain to point to a new IP takes hours or days not seconds, so doing that every time a phone changes WiFi is not practical.
Is that a good summary?
Yes, but we’re talking about “seconds” and “nanoseconds” rather than hours.
Networks move much faster than we do.
There’s also no hierarchy of IP addresses, and that matters for lookups.
So the 1 second it takes to do a dns lookup is WAY too long for continuous ip lookups, and the size of the database and chains requires explaining where to find ip address X is too long and updates WAY too much to be accurate and/or kept.
Lookups are easiest if you know “I lookup .uk addresses at this particular server in England” because that particular “ authoritative DNS server” only really handles its own little segment of lookups.
There is no such hierarchy in ip addresses, and they can’t really be cached for long.
You would have to continually know and update all of them. And we sorta do in the larger routers, but keeping that up to date at the edges would require a TON of bandwidth.
My understanding with phones is that you phone your own provider, who then looks up the provider of the number you’re calling based on country code, provider or area code prefixes. Providers will “peer” with each other to route calls over the most cost efficient path. So the other sides provider is responsible for getting it to the right destination phone within thier own customer network. Theres no authentication from the sending party on a protocol level, this is why scammers can spoof as any phone number.
I believe that IP routing does something similar, the IP data is handed over to possibly multiple providers until it reaches its destination provider. The blocks of ip addresses are published as linked to an Autonomous System and each autonomous system has an owner/provider. The source is not authenticated at a protocol level which is why we need client and server certificates.
In DNS you go to the root TLD servers and ask what IP the .com resolver is. The .com resolver has a list of mappings of authoritative name servers to domains. So example.com may have an authoritative NS of 1.2.3.4 who you can go to and ask what IP test.example.com is hosted on. The authoritative name server is the source of truth for that domain and other servers cache it to prevent overloading and increase speed. You may check with the authoritative NS if you want, but it may be slower to respond than your local NS. Again DNS is not authenticated at the protocol level so we need server certificates to prove that the device behind the IP serving you is allowed to serve you test.example.com.