Glossary // Fully Qualified Domain Name (FQDN)
What is FQDN?
A FQDN is the most basic unit of the hierarchical, word-centric labeling system used to map memorable pieces of language on top the Internet’s primary resource identifier and addressing system. As it is much easier to remember an identifier such as Aviatrix.com or Salesforce.com rather than 220.127.116.11, the Domain Name Service operates in singular fashion for mapping names to these addresses.
For a domain name to be fully qualified, it needs to work, which means that users are able to get an HTTP 200 response that returns the index.html of their web application. This points to a resource that can be appropriately mapped through the global DNS service, that has been properly informed by their domain name registrar. This registrar supplies an authoritative DNS server with the IP address of their web server.
The naming convention of the FQDN that allows it to locate a resource are threefold:
- A top level domain, (com, net, org, etc.).
- A second-level domain, (usually referred to as the domain name).
- A dot notation separator (which actually represents the root domain of the entire internet).
This the minimum requirement for the DNS naming convention to operate. To create a logical separations between different parts of digital assets or web application functions, sub-level domains (usually third level domains) are instituted as another form of resource identifier within a given hosting filesystem. Requiring a canonical name record entry to route to an identifier like “login.aviatrix.com”, is not necessary for the DNS system to function.
With respect to public cloud services (AWS, Azure, GCP), FQDN is often used when referring to filtering. Organizations, either for security reasons or to meet regulatory compliance, often like to inspect and control (egress) traffic leaving their VPCs. For example, a business might allow a resource to communicate with another AWS service or with Salesforce.com, but not with other domains.