3.2 Choosing a Domain Name
Choosing a domain name is more involved than it may sound, because it entails both choosing a name and finding out who runs the parent zone. In other words, you need to find out where you fit in the Internet domain namespace, then find out who runs that particular corner of the namespace.
The first step in picking a domain name is finding where in the existing domain namespace you belong. It's easiest to start at the top and work your way down: decide which top-level domain you belong in, then which of that top-level domain's subdomains you fit into.
Note that in order to find out what the Internet domain namespace looks like (beyond what we've already told you), you'll need access to the Internet. You don't need access to a host that already has name service configured, but it would help a little. If you don't have access to a host with DNS configured, you'll have to " borrow " name service from other name servers (as in our previous ftp.microsoft.com example) to get you going.
3.2.1 On Registrars and Registries
Before we go any further, we need to define a few terms: registry, registrar,and registration. These terms aren't defined anywhere in the DNS specs . Instead, they apply to the way the Internet namespace is managed today.
A registry is an organization responsible for maintaining a top-level domain's (well, zone's, really) data files, which contain the delegation to each subdomain of that top-level domain. Under the current structure of the Internet, a given top-level domain can have no more than one registry. A registrar acts as an interface between customers and the registry, providing registration and value-added services. It submits to the registry the zone data and other data (including contact information) for each of its customers in a single top-level domain.
Registration is the process by which a customer tells a registrar which name servers to delegate a subdomain to and provides the registrar with contact and billing information. The registrar makes these changes through the registry.
VeriSign, Inc. currently acts as both the exclusive registry and as a registrar for the com , net , org , and edu top-level domains. And now, back to our story.
3.2.2 Where in the World Do I Fit?
If your organization is attached to the Internet outside of the United States, you first need to decide whether you'd rather request a subdomain of one of the generic top-level domains, such as com , net , and org , or a subdomain of your country's top-level domain. The generic top-level domains aren't exclusively for U.S. organizations. If your company is a multi- or transnational company that doesn't fit in any one country's top-level domain, or if you'd simply prefer a generic top-level to your country's top-level domain, you're welcome to register in one. If you choose this route, skip to Section 188.8.131.52 later in this chapter.
If you opt for a subdomain under your country's top level, you should check whether your country's top-level domain is registered and, if it is, what kind of structure it has. Consult our list of the current top-level domains (Appendix D) if you're not sure what the name of your country's top-level domain would be.
Some countries ' top-level domains, such as New Zealand's nz , Australia's au , and the United Kingdom's uk , are divided organizationally into second-level domains. The names of their second-level domains, such as co or com for commercial entities, reflect organizational affiliation . Others, like France's fr domain and Denmark's dk domain, are divided into a multitude of subdomains managed by individual universities and companies, such as the University of St. Etienne's domain, univ-st-etienne.fr , and the Danish Unix Users Group 's dkuug.dk . Many top-level domains have their own web sites that describe their structure. If you're not sure of the URL for your country's top-level domain's web site, start at http://www.allwhois.com, a directory of links to such web sites.
If your country's top-level domain doesn't have a web site explaining how it's organized, you may have to use a tool like nslookup to grope around and figure out its structure. (If you're uncomfortable with our rushing headlong into nslookup without giving it a proper introduction, you might want to skim Chapter 12.) For example, here's how you could list the au domain's subdomains using nslookup :
C:\> nslookup - 184.108.40.206 -- Use the name server at 220.127.116.11 Default Server: ns1.mindspring.com Address: 18.104.22.168 > set type=ns -- Find the name servers (ns) > au. -- for the au domain Server: ns1.mindspring.com Address: 22.214.171.124 au nameserver = MUNNARI.OZ.AU au nameserver = MULGA.CS.MU.OZ.AU au nameserver = NS.UU.NET au nameserver = NS.EU.NET au nameserver = NS1.BERKELEY.EDU au nameserver = NS2.BERKELEY.EDU au nameserver = VANGOGH.CS.BERKELEY.EDU MUNNARI.OZ.AU internet address = 126.96.36.199 MULGA.CS.MU.OZ.AU internet address = 188.8.131.52 MULGA.CS.MU.OZ.AU internet address = 184.108.40.206 NS.UU.NET internet address = 220.127.116.11 NS.EU.NET internet address = 18.104.22.168 NS1.BERKELEY.EDU internet address = 22.214.171.124 NS1.BERKELEY.EDU internet address = 126.96.36.199 NS2.BERKELEY.EDU internet address = 188.8.131.52 NS2.BERKELEY.EDU internet address = 184.108.40.206 > server ns.uu.net. -- Now query one of these name servers -- preferably a close one! Default Server: ns.uu.net Addresses: 220.127.116.11 > ls -t au. -- List the au zone. -- The zone's NS records mark delegation to subdomains -- and will give you the names of the subdomains. -- Note that not all name servers will allow you to list zones, -- for security reasons. [ns.uu.net] $ORIGIN au. @ 3D IN NS mulga.cs.mu.OZ 3D IN NS vangogh.CS.Berkeley.EDU. 3D IN NS ns1.Berkeley.EDU. 3D IN NS ns2.Berkeley.EDU. 3D IN NS ns.UU.NET. 3D IN NS ns.eu.NET. 3D IN NS munnari.OZ ORG 1D IN NS mulga.cs.mu.OZ 1D IN NS rip.psg.COM. 1D IN NS munnari.OZ 1D IN NS yalumba.connect.COM info 1D IN NS ns.telstra.net. 1D IN NS ns1.telstra.net. 1D IN NS munnari.oz 1D IN NS svc01.apnic.net. otc 4H IN NS ns2.telstra.com 4H IN NS munnari.oz 4H IN NS ns.telstra.com OZ 1D IN NS mx.nsi.NASA.GOV. 1D IN NS munnari.OZ 1D IN NS mulga.cs.mu.OZ 1D IN NS dmssyd.syd.dms.CSIRO 1D IN NS ns.UU.NET. csiro 1D IN NS steps.its.csiro 1D IN NS munnari.OZ 1D IN NS manta.vic.cmis.csiro 1D IN NS dmssyd.nsw.cmis.csiro 1D IN NS zoiks.per.its.csiro COM 1D IN NS mx.nsi.NASA.GOV. 1D IN NS yalumba.connect.COM 1D IN NS munnari.OZ 1D IN NS mulga.cs.mu.OZ 1D IN NS ns.ripe.NET. > ^D
The basic technique we used is straightforward: look up the list of name servers for the top-level domain -- because they're the only ones with complete information about the corresponding zone -- then query one of those name servers and list the name servers for the delegated subdomains.
If you can't tell from the names of the subdomains which one you belong in, you can look up the contact information for the corresponding zone and send email to the technical contact asking, politely, for advice. Similarly, if you think you should be part of an existing subdomain but aren't sure, you can always ask the folks who administer that subdomain to double-check .
To find out who to ask about a particular subdomain, you'll have to look up the corresponding zone's start of authority (SOA) record. In each zone's SOA record, there's a field that contains the electronic mail address of the zone's technical contact.  (The other fields in the SOA record provide general information about the zone -- we'll discuss them in more detail later.)
You can look up the zone's SOA record with nslookup , too. For example, if you're curious about the purpose of the csiro subdomain, you can find out who runs it by looking up csiro.au 's SOA record:
C:\> nslookup - 18.104.22.168 Default Server: ns1.mindspring.com Address: 22.214.171.124 > set type=soa -- Look for start of authority data > csiro.au. -- for csiro.au Server: ns1.mindspring.com Address: 126.96.36.199 csiro.au origin = steps.its.csiro.au mail addr = hostmaster.csiro.au serial = 2000041301 refresh = 10800 (3H) retry = 3600 (1H) expire = 3600000 (5w6d16h) minimum ttl = 86400 (1D)
The mail addr field is the Internet address of csiro.au 's contact. To convert the address into Internet email address format, you'll need to change the first "." in the address to an "@". So hostmaster.csiro.au becomes email@example.com . 
The whois service can also help you figure out the purpose of a given domain. Unfortunately , there are many whois serversmost good administrators of top-level domains run oneand they don't talk to each other, like name servers do. Consequently, the first step to using whois is finding the right whois server.
One of the easiest places to start your search for the right whois server is at http://www.allwhois.com(Figure 3-1). We mentioned earlier that this site has a list of the web sites for each country code's top-level domain; it also has a list of top-level domains with whois URLspages with HTML-based interfaces to query whois servers.
Figure 3-1. The Allwhois.com web site
Scrolling down to Australia (au) , you can click on Jump to Whois and go directly to a page where you can enter csiro.au , as shown in Figure 3-2.
Figure 3-2. Web interface for au's whois server
Clicking on Submit retrieves the information in Figure 3-3 for you.
Figure 3-3. Information about csiro.au from the au whois server
Perhaps even more interesting for the inertially challenged is the work done by WebMagic to provide a unified whois lookup service on the Web. Their web site, at http://www.webmagic.com/whois/index.html, lets you choose the top-level domain (and sometimes the second-level domain) in which the subdomain you're looking for resides, then transparently contacts the right whois server.
Obviously, these are both useful web sites if you're looking for the contact for a domain outside of the U.S.
Once you've found the right web site or the right contact, you've probably found the registrar. Outside the U.S., most domains have a single registrar. A few, though, such as Denmark's dk and Great Britain's co.uk and org.uk , have multiple registrars. However, the process described above will still lead you to them.
3.2.3 Back in the U.S.A.
In true cosmopolitan spirit, we covered international domains first. But what if you're from the good ol' U.S. of A.?
If you're in the U.S., where you belong depends mainly upon what your organization does, how you'd like your domain names to look, and how much you're willing to pay. If your organization falls into one of the following categories, you're encouraged to join us :
Even if you don't fall into one of these categories, if you'd like a domain name that indicates your location, like acme.boulder.co.us , you can register in the us top-level domain. The us domain delegates subdomains under third-level domains largely named after "localities" (usually cities or counties); the second-level domains correspond to the appropriate U.S. Postal Service two-letter state abbreviation (recall our discussion in Section 2.2 in Chapter 2). So, for example, if all you need is a subdomain to hold the two internetworked hosts in your basement in Colorado Springs, Colorado , you can register toms-basement.colorado-springs.co.us .
Finally, there's the issue of cost. It's usually cheaper to register a subdomain of the us top-level domain than to register under com , net ,or org , and sometimes it's even free.
If you'd like more detailed information on the structure of the us domain and the rules that govern it, check out the U.S. NIC's web site, at http://www.nic.us.
Of course, folks in the U.S. can also ask for a subdomain of one of the generic top-level domains. As long as you don't ask for one that's already taken, you should get the one you request. We'll cover registration under the generic top-level domains later in this chapter.
188.8.131.52 The us domain
Let's go through an example to give you an idea of how to comb the us domain namespace for the perfect domain name. Say you're helping out your son's kindergarten in Boulder, Colorado, and you want to register a domain name for the school.
Using an account you still have on a host at Colorado University (from your undergrad days), you can check to see whether a domain for Boulder exists. (If you didn't have an account there, but you did have Internet connectivity, you could still use nslookup to query a well-known name server.)
C:\> nslookup Default Server: boulder.colorado.edu Address: 184.108.40.206, 220.127.116.11 > set type=ns -- Look up the name servers > co.us. -- for co.us Default Server: boulder.colorado.edu Address: 18.104.22.168, 22.214.171.124 co.us nameserver = VENERA.ISI.EDU co.us nameserver = NS.ISI.EDU co.us nameserver = RS0.INTERNIC.NET co.us nameserver = NS.UU.NET co.us nameserver = ADMII.ARL.MIL co.us nameserver = EXCALIBUR.USC.EDU
This gives you the names of the co.us name servers. Without exiting nslookup , change to one of the co.us name servers, say venera.isi.edu , and check to see if there are any subdomains:
> server venera.isi.edu. -- Change server to venera.isi.edu Default Server: venera.isi.edu Address: 126.96.36.199 > ls -t co.us. -- List the co.us zone to look for NS records [venera.isi.edu] $ORIGIN co.us. @ 1W IN NS NS.ISI.EDU. 1W IN NS RS0.INTERNIC.NET. 1W IN NS NS.UU.NET. 1W IN NS ADMII.ARL.MIL. 1W IN NS EXCALIBUR.USC.EDU. 1W IN NS VENERA.ISI.EDU. officemate1.monument 1W IN NS ns1.direct.ca. 1W IN NS ns2.direct.ca. la-junta 1D IN NS ns2.cw.net. 1D IN NS usdns.beltane.com. 1D IN NS usdns2.beltane.com. morrison 1W IN NS NS1.WESTNET.NET. 1W IN NS NS.UTAH.EDU. littleton 1W IN NS NS1.WESTNET.NET. 1W IN NS NS.UTAH.EDU. mus 1W IN NS NS1.WESTNET.NET. 1W IN NS NS.UTAH.EDU. ci.palmer-lake 1W IN NS DNS1.REGISTEREDSITE.COM. 1W IN NS DNS2.REGISTEREDSITE.COM. co.adams 1W IN NS ns1.rockymtn.net. 1W IN NS ns2.rockymtn.net. [...]
Aha! So there is life in Colorado! There are subdomains called la-junta , morrison , littleton , mus , and many others. There's even a subdomain for Boulder (called, not surprisingly, boulder ):
boulder 1W IN NS NS1.WESTNET.NET. 1W IN NS NS.UTAH.EDU.
How do you find out how to contact the administrator of boulder.co.us ? You can try whois , but since boulder.co.us isn't a top-level country domain or a subdomain of a generic top-level domain, you won't find much. Fortunately, the U.S. NIC provides a list of email addresses of contacts for each third-level subdomain of us . See the NIC website for more information http://www.nic.us/. If you can't find the information you need there, you can use nslookup to find the SOA record for the boulder.co.us zone, just as you did to find out whom to ask about csiro.au . Though the person or persons who read mail sent to the address in the SOA record may not handle registration themselves (technical and administrative functions for the zone may be divided), it's a good bet they know the folks who do and can direct you to them.
Here's how you'd use nslookup to dig up the SOA record for boulder.co.us :
C:\> nslookup Default Server: boulder.colorado.edu Address: 188.8.131.52, 184.108.40.206 > set type=soa -- Look up SOA record > boulder.co.us. -- for boulder.co.us Default Server: boulder.colorado.edu Address: 220.127.116.11, 18.104.22.168 boulder.co.us origin = ns1.westnet.net mail addr = cgarner.westnet.net serial = 200004101 refresh = 21600 (6H) retry = 1200 (20M) expire = 3600000 (5w6d16h) minimum ttl = 432000 (5D)
As in the csiro.au example, you need to swap the first "." in the mail addr field with an "@" before you use it. Thus, cgarner.westnet.net becomes firstname.lastname@example.org .
To request delegation of a subdomain of boulder.co.us , you can download a copy of the registration form template from http://www.nic.us/cgi-bin/template.pl and mail it to the contact. If, however, you find that the subdomain for your locality hasn't yet been created, read through the us domain's delegation policy at http://www.nic.us/register/locality.html. Then fill out the registration form at http://www.nic.us/cgi-bin/template.pl.
22.214.171.124 The generic top-level domains
As we said, there are many reasons why you might want to ask for a subdomain of one of the generic top-level domains, like com , net , and org : you work for a multi- or transnational company, you like the fact that they're better-known, or you just prefer the sound of your domain name with "com" on the end. Let's go through a short example of choosing a domain name under a generic top-level domain.
Imagine you're the network administrator for a think tank in Hopkins, Minnesota. You've just gotten a connection to the Internet through a commercial ISP. Your company has never had so much as a UUCP link, so you're not currently registered in the Internet namespace.
Since you're in the United States, you have the choice of joining either us or one of the generic top-level domains. Your think tank is world-renowned, though, so us wouldn't be a good choice. A subdomain of com would be best.
The think tank is known as The Gizmonic Institute, so you decide gizmonics.com might be an appropriate domain name. Now you've got to check whether the name gizmonics.com has been taken by anyone , so you use an account you have at the University of Minnesota:
C:\> nslookup Default Server: ns.unet.umn.edu Address: 126.96.36.199 > set type=any -- Look for any records > gizmonics.com. -- for gizmonics.com Server: ns.unet.umn.edu Address: 188.8.131.52 gizmonics.com nameserver = NS2.SFO.WENET.NET gizmonics.com nameserver = NS1.SFO.WENET.NET
Whoops! Look like gizmonics.com is already taken (who would have thought?).  Well, gizmonic-institute.com is a little longer, but still intuitive:
C:\> nslookup Default Server: ns.unet.umn.edu Address: 184.108.40.206 > set type=any -- Look for any records > gizmonic-institute.com. -- for gizmonic-institute.com Server: ns.unet.umn.edu Address: 220.127.116.11 *** ns.unet.umn.edu can't find gizmonic-institute.com.: Non-existent host/domain
gizmonic-institute.com is free, so you can go on to the next step: picking a registrar.
18.104.22.168 Choosing a registrar
Choose a registrar? Welcome to the brave new world of competition! Before the spring of 1999, a single company, Network Solutions, Inc., was both the registry and sole registrar for com , net , and org ,as well as edu .To register a subdomain of any of the generic top-level domains, you had to go to Network Solutions.
In June 1999, ICANN, the organization that manages the domain namespace (we mentioned them in the last chapter) introduced competition to the registrar function of com , net , and org . There are now dozens of com , net , and org registrars from which you can choose (see http://www.internic.net/regist.html).
We won't presume to tell you how to pick a registrar, but take a look at the price and any other services the registrar might provide that interest you. See if you can get a nice package deal on registration and aluminum siding, for example.
3.2.4 Checking That Your Network Is Registered
Before proceeding, you should check whether or not your IP network or networks are registered. Some registrars won't delegate a subdomain to name servers on unregistered networks, and network registries (we'll talk about them shortly) won't delegate an in-addr.arpa zone that corresponds to an unregistered network.
An IP network defines a range of IP addresses. For example, the network 15/8 is made up of all IP addresses in the range 22.214.171.124 to 126.96.36.199. The network 199.10.25/24 starts at 188.8.131.52 and ends at 184.108.40.206.
The InterNIC was once the official source of all IP networks; they assigned all IP networks to Internet-connected networks and made sure no two address ranges overlapped . Nowadays, the InterNIC's old role has been largely assumed by Internet service providers (ISPs), who allocate space from their own networks for customers to use. If you know your network came from your ISP, the larger network from which your network was carved is probably registered (to your ISP). You may still want to double-check that your ISP took care of registering their network, but you don't have to (and probably can't) do anything yourself, except nag your ISP if they didn't register their network. Once you've verified their registration, you can skip the rest of this section and move on.
If your network was assigned by the InterNIC, way back when, or you are an ISP, you should check to see whether your network is registered. Where do you go to check whether your network is registered? Why, to the same organizations that register networks, of course. These organizations, called (what else?) network registries , each handle network registration in some part of the world. In the Western Hemisphere, ARIN, the American Registry of Internet Numbers (http://www.arin.net), hands out IP address space and registers networks. In Asia and the Pacific, APNIC, the Asia Pacific Network Information Center (http://www.apnic.net), serves the same function. In Europe, it's the RIPE Network Coordination Centre (http://www.ripe.net). Each registry may also delegate registration authority for a region; for example, ARIN delegates registration authority for Mexico and Brazil to network registries in each country. Be sure to check for a network registry local to your country.
If you're not sure your network is registered, the best way to find out is to use the whois services provided by the various network registries to look for your network. Here are the URLs for each registry's whois page:
If you find out your network isn't registered, you'll need to get it registered before setting up your in-addr.arpa zones. Each registry has a different process for registering networks, but most involve money changing hands (from your hands to theirs, unfortunately).
You may find out that your network is already assigned to your ISP. If this is the case, you don't need to register independently with the network registry.
Once all your Internet-connected hosts are on registered networks, you can register your zones.
3.2.5 Registering Your Zones
Different registrars have different registration policies and procedures, but most, at this point, handle registration online, through their web sites. Since you found or chose your registrar earlier in the chapter, we'll assume you know which web site to use.
The registrar will need to know the domain names and addresses of your name servers and enough information about you to send you a bill or charge your credit card. If you're not connected to the Internet, give them the addresses of the Internet hosts that will act as your name servers. Some registrars also require that you already have operational name servers for your zone. (Those that don't may ask for an estimate of when the name servers will be fully operational.) If that's the case with your registrar, skip ahead to Chapter 4and set up your name servers. Then contact your registrar with the requisite information.
Most registrars will also ask for some information about your organization, including an administrative contact and a technical contact for your zone (who can be the same person). If your contacts aren't already registered in the registrar's whois database, you'll also need to provide information to register them in whois . This includes their names, surface mail addresses, phone numbers, and electronic mail addresses. If they are already registered in whois , just specify their whois "handles" (unique alphanumeric IDs) in the registration.
There's one more aspect of registering a new zone that we should mention: cost. Most registrars are commercial enterprises and charge money for registering domain names. Network Solutions, the original registrar for com , net ,and org , charges $35 per year to register subdomains under the generic top-level domains. (If you already have a subdomain under com , net , or org and haven't received a bill from Network Solutions recently, it'd be a good idea to check your contact information with whois to make sure they've got a current address and phone number for you.)
If you're directly connected to the Internet, you should also have the in-addr.arpa zones corresponding to your IP networks delegated to you. For example, if your company was allocated the network 192.201.44/24, you should manage the 44.201.192.in-addr.arpa zone. This will let you control the IP address-to-name mappings for hosts on your network. Chapter 4 also explains how to set up your in-addr.arpa zones.
In Section 3.2.4, we asked you to find the answers to several questions: is your network a slice of an ISP's network? Is your network, or the ISP network that your network is part of, registered? If so, in which network registry? You'll need these answers to have your in-addr.arpa zones delegated to you.
If your network is part of a larger network registered to an ISP, you should contact the ISP to have the appropriate subdomains of their in-addr.arpa zone delegated to you. Each ISP uses a different process for setting up in-addr.arpa delegation. Your ISP's web page is a good place to research that process. If you can't find the information there, try looking up the SOA record for the in-addr.arpa zone that corresponds to your ISP's network. For example, if your network is part of UUNET's 153.35/16 network, you could look up the SOA record of 35.153.in-addr.arpa to find the email address of the technical contact for the zone.
If your network is registered directly with one of the regional network registries, contact them to get your in-addr.arpa zone registered. Each network registry makes information on its delegation process available on its web site.
Now that you've registered your zones, you'd better take some time to get your house in order. You've got some name servers to set up, and in the next chapter, we'll show you how.