About Fully Qualified Domain Names (FQDNs)
“Fully qualified” refers to the unique identification that guarantees that all of the domain levels are specified. The fully qualified domain name consists of three or more labels: The top level domain, the domain names, optional subdomains, and the host name. If a domain name doesn't specify all of the labels that are required for the FQDN, then this is called a “Partially Qualified Domain Name” (PQDN). This often means that only the host name is given. The generic name or the FQDN and its IP address is the “Fully Qualified Host Name” (FQHN).
The structure of an FQDN is predefined by the domain name system (DNS). The names of the individual levels in the domain name area are called “labels” and are separated from one another by dots. Each label must consist of 1 to 63 characters and the total FQDN may not exceed 255 characters in total. Only letters, numbers, or dashes can be used. Each label has to have either a letter or a number at the beginning.
The benefits of using FQDN include:
- FQDNs offer more reliability because they don't change when the underlying IP addresses change, such as traffic that's routed through load balancers. This can help to reduce downtime and improve the reliability of your cloud workloads.
- FQDNs are more human-readable and easier to remember than IP addresses. This can make your VPN profiles and policies more readable and easier to maintain.
- FQDNs can help to improve the security of your applications by making it more difficult for DNS spoofing attacks.
Secure Access FQDN objects can be used within hierarchical, global, and regional network VPN policies to regulate traffic to or from specific domains, as discussed in the following sections.