The Creation of DNS
How Paul Mockapetris designed a distributed naming system in 1983 that still runs the internet forty years later
A bold, disarmingly simple design
Several competing proposals for replacing HOSTS.TXT were circulating in the early 1980s. Jon Postel, who ran the networking group at USC’s Information Sciences Institute, asked a young researcher named Paul Mockapetris to evaluate the various ideas and come up with his own proposal.
Drawing on his experience at the MIT Architecture Machine Group and UC Irvine’s Distributed Computer System, Mockapetris designed what he later described as “a bold, disarmingly simple” system. In November 1983, he single-authored two foundational documents:
- RFC 882: “Domain Names — Concepts and Facilities”
- RFC 883: “Domain Names — Implementation and Specification”
These RFCs defined the core architecture of what we now call DNS.
The design decisions that lasted
Mockapetris’s design introduced several concepts that were revolutionary for 1983 — and remain the foundation of how DNS works today:
| Design element | Description |
|---|---|
| Hierarchical namespace | Names structured as host.domain.tld instead of flat names, eliminating collisions |
| Distributed database | No single point of failure; authority delegated across the hierarchy |
| Resource records | A flexible record system supporting addresses (A), mail routing (MX), and arbitrary metadata |
| Recursive and iterative queries | Clients can ask a resolver to do all the work (recursive) or walk the tree themselves (iterative) |
| Authoritative vs. caching servers | Authoritative servers hold definitive data; caching servers store recent lookups |
| Delegated administration | Each domain owner manages their own zone, removing the central bottleneck |
| TTL (Time to Live) | Each record has an expiration timer, balancing freshness against query load |
The genius of the design was its separation of concerns. Zone operators controlled their own data. Resolvers cached aggressively to reduce load. The hierarchy distributed authority naturally — .com managed .com domains, each domain managed its own subdomains. No central authority needed to approve every change.
Jeeves: the first DNS server
Mockapetris didn’t just write the specification — he also built the first working DNS server, called Jeeves, for the DEC TOPS-20 operating system in 1983. He deployed it at ISI and SRI for the initial root servers. By 1986, his DNS implementation was running on all the internet’s root servers.
The revised RFCs
After four years of real-world operational experience, Mockapetris updated and expanded the original specifications:
- RFC 1034: “Domain Names — Concepts and Facilities” (obsoleted RFC 882)
- RFC 1035: “Domain Names — Implementation and Specification” (obsoleted RFC 883)
These two documents, published in November 1987, remain the definitive base specifications for DNS. They have been supplemented by hundreds of subsequent RFCs — for DNSSEC, EDNS, encrypted transport, and more — but the core architecture is unchanged.
The 13 root servers
A critical architectural decision was limiting the DNS root to 13 named root servers (A through M). This was driven by a practical constraint: the list of root servers had to fit inside a single 512-byte UDP packet (the maximum unfragmented size under IPv4). That budget could hold exactly 13 IPv4 addresses plus the required DNS header data.
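To make the 512-byte budget concrete, the following added example (not from the original article or from any DNS implementation) builds a DNS response in RFC 1035 wire format listing 13 root servers, with and without name compression, and measures it. The `x.root-servers.net` hostnames follow the real naming scheme; the addresses are constructed placeholders from the 192.0.2.0/24 documentation range, and the TTL and function names are assumptions for illustration.

```python
import struct

ROOT_LETTERS = "abcdefghijklm"   # root servers A through M
UDP_LIMIT = 512                  # the 512-byte UDP budget described above
TTL = 3600                       # constructed value; TTL does not affect the size

def encode_name(name, offsets, pos, compress=True):
    """Encode `name` at message offset `pos`, reusing earlier suffixes via pointers."""
    out = b""
    labels = name.split(".")
    for i, label in enumerate(labels):
        suffix = ".".join(labels[i:])
        if compress and suffix in offsets:
            # RFC 1035 compression: 2-byte pointer (top bits 11) to an earlier copy
            return out + struct.pack("!H", 0xC000 | offsets[suffix])
        offsets.setdefault(suffix, pos + len(out))
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"             # zero-length root label ends the name

def build_root_response(compress=True):
    """Return the wire bytes of a response to '. IN NS' naming all 13 servers."""
    offsets = {}
    n = len(ROOT_LETTERS)
    # Header: id, flags (QR|AA), qdcount, ancount, nscount, arcount
    msg = struct.pack("!6H", 0, 0x8400, 1, n, 0, n)
    msg += b"\x00" + struct.pack("!2H", 2, 1)        # question: root, type NS, class IN
    for c in ROOT_LETTERS:                            # answer section: 13 NS records
        # RDATA starts 11 bytes in: root owner (1) + type/class/ttl/rdlength (10)
        rdata = encode_name(f"{c}.root-servers.net", offsets, len(msg) + 11, compress)
        msg += b"\x00" + struct.pack("!2HIH", 2, 1, TTL, len(rdata)) + rdata
    for i, c in enumerate(ROOT_LETTERS):              # additional section: 13 A records
        owner = encode_name(f"{c}.root-servers.net", offsets, len(msg), compress)
        addr = bytes([192, 0, 2, i + 1])              # constructed placeholder address
        msg += owner + struct.pack("!2HIH", 1, 1, TTL, 4) + addr
    return msg

if __name__ == "__main__":
    for flag in (True, False):
        size = len(build_root_response(flag))
        print(f"compression={flag}: {size} bytes, fits={size <= UDP_LIMIT}")
```

Sharing the `root-servers.net` suffix through compression pointers is what lets the names and addresses of all 13 servers fit in one UDP response; with every name written out in full, the same records exceed the limit.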
Originally, 10 of the 13 were located in the United States, with the remaining three in Stockholm (I-Root), Amsterdam (K-Root), and Tokyo (M-Root). Today, all 13 logical servers are operated using anycast routing, with over 1,900 physical instances in more than 130 countries.
ISC became the first root server operator to deploy IP anycast in 2002, proving that a single logical server identity could safely span hundreds of physical machines worldwide.
The people behind DNS
Paul Mockapetris (b. 1948)
The inventor of DNS. Working at USC’s Information Sciences Institute under Jon Postel, he designed the system, wrote the RFCs, and built the first implementation. He later co-founded Nominum, a DNS infrastructure company. Inducted into the Internet Hall of Fame in 2012 and received the ACM Software System Award in 2020.
Jon Postel (1943–1998)
The Economist magazine dubbed him “the God of the Internet.” Postel served as RFC Editor from the inception of the series in 1969 until his death — nearly 30 years as the gatekeeper of internet standards. He founded IANA (Internet Assigned Numbers Authority), invented the IP address numbering scheme, and supervised Mockapetris’s DNS work.
He died on October 16, 1998, of complications from heart surgery — just 16 days after ICANN’s incorporation. RFC 2468, titled “I Remember IANA,” was published as a tribute.
Postel’s Law (the Robustness Principle): “Be conservative in what you send, be liberal in what you accept” — from RFC 760 (1980). This philosophy shaped not just DNS but the internet’s entire protocol culture.
Dan Kaminsky (1979–2021)
In 2008, Kaminsky discovered a fundamental DNS cache poisoning vulnerability (CVE-2008-1447) that affected virtually every DNS implementation on the planet. He coordinated one of the largest simultaneous vendor patch releases in history. The New York Times called him “an Internet security savior.” He died on April 23, 2021, at age 42, and was posthumously inducted into the Internet Hall of Fame.
Paul Vixie (b. 1963)
Took over BIND development in 1988 and founded the Internet Software Consortium (ISC), which maintains BIND to this day. ISC also operates the F-Root name server. Inducted into the Internet Hall of Fame in 2014.