Joined 1 year ago
Cake day: July 2nd, 2023

  • My understanding with phones is that you phone your own provider, who then looks up the provider of the number you’re calling based on country code, provider or area code prefixes. Providers will “peer” with each other to route calls over the most cost-efficient path. So the other side’s provider is responsible for getting it to the right destination phone within their own customer network. There’s no authentication from the sending party on a protocol level; this is why scammers can spoof as any phone number.

    I believe that IP routing does something similar: the IP data is handed over to possibly multiple providers until it reaches its destination provider. The blocks of IP addresses are published as linked to an Autonomous System, and each autonomous system has an owner/provider. The source is not authenticated at a protocol level, which is why we need client and server certificates.

    In DNS you go to the root TLD servers and ask what IP the .com resolver is. The .com resolver has a list of mappings of authoritative name servers to domains. So example.com may have an authoritative NS of 1.2.3.4 who you can go to and ask what IP test.example.com is hosted on. The authoritative name server is the source of truth for that domain, and other servers cache it to prevent overloading and increase speed. You may check with the authoritative NS if you want, but it may be slower to respond than your local NS. Again, DNS is not authenticated at the protocol level, so we need server certificates to prove that the device behind the IP serving you is allowed to serve you test.example.com.
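
The delegation walk and caching described in the comment above, as an added example that is not part of the original comment. It is a constructed in-memory model with no network access: 1.2.3.4 and test.example.com come from the comment, while every other address, the TTL, and the names `query` and `CachingResolver` are assumptions.

```python
# Constructed model of the delegation chain: root -> .com -> authoritative NS.
# Only 1.2.3.4 is from the comment; other IPs are documentation-range placeholders.
ROOT = "198.51.100.1"
SERVERS = {
    ROOT: {"referrals": {"com": "198.51.100.2"}, "records": {}},
    "198.51.100.2": {"referrals": {"example.com": "1.2.3.4"}, "records": {}},
    "1.2.3.4": {"referrals": {},
                "records": {"test.example.com": ("192.0.2.10", 300)}},
}

def query(server_ip, name):
    """Ask one server. Returns ('answer', ip, ttl), ('referral', next_ip) or ('nxdomain',)."""
    zone = SERVERS[server_ip]
    if name in zone["records"]:
        ip, ttl = zone["records"][name]
        return ("answer", ip, ttl)
    labels = name.split(".")
    for i in range(len(labels)):  # longest delegated suffix is tried first
        suffix = ".".join(labels[i:])
        if suffix in zone["referrals"]:
            return ("referral", zone["referrals"][suffix])
    return ("nxdomain",)

class CachingResolver:
    """Local name server: walks the chain once, then answers from cache until the TTL expires."""
    def __init__(self):
        self.cache = {}  # name -> (ip, expires_at)

    def resolve(self, name, now):
        """Return (ip, servers_asked); an empty servers_asked list means a cache hit."""
        hit = self.cache.get(name)
        if hit and hit[1] > now:
            return hit[0], []
        server, path = ROOT, []
        while True:
            path.append(server)
            reply = query(server, name)
            if reply[0] == "referral":
                server = reply[1]  # follow the delegation one level down
            elif reply[0] == "answer":
                # Cached as received: nothing in this exchange proves who sent the reply.
                self.cache[name] = (reply[1], now + reply[2])
                return reply[1], path
            else:
                return None, path
```
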