๐ข
What Does It Take to Become a DNS Provider Like onamae.com?
From ICANN Accreditation to Anycast Infrastructure โ Behind the Scenes of a Domain Registrar
A detailed explanation of the infrastructure, accreditation process, and business model required to become a registrar that registers domains and hosts DNS.
Architecture Diagram
DNS Provider Infrastructure (3-Layer Architecture)
๐
ICANN
Internet Resource Governance
↓
๐๏ธ
Registry
TLD Management: Verisign (.com), JPRS (.jp), etc.
↓
๐ช
Registrar
Domain Sales: onamae.com, Namecheap, GoDaddy, etc.
↓
๐ค
End User
Domain Purchase & Setup
Required Registrar Infrastructure Components
๐
Anycast DNS Network
Globally distributed DNS server network. Same IP responds from multiple locations to minimize latency.
๐
EPP Gateway
Extensible Provisioning Protocol โ Standard protocol for registry communication. Handles domain registration/renewal/transfer.
๐๏ธ
WHOIS / RDAP
Domain owner information lookup database. RDAP is the next-gen standard replacing WHOIS (JSON-based, auth support).
๐ณ
Billing System
Handles domain registration/renewal fees. Auto-renewal, expiry notifications, payment gateway integration.
Domain Registration Flow (EPP Protocol)
1
User Purchases Domain
Search and pay for desired domain on the registrar website
2
Registrar โ Registry (EPP)
Sends registration request via EPP protocol. XML-based, TCP port 700.
3
Registry Updates TLD Zone File
Adds new NS record to .com zone file. Propagates to TLD servers worldwide.
Role Comparison: Registry vs Registrar vs Reseller
| Registry | Registrar | Reseller | |
|---|---|---|---|
| Role | TLD Ownership/Management | ICANN-accredited Seller | Registrar-delegated Resale |
| Examples | Verisign, JPRS, PIR | onamae.com, GoDaddy, Namecheap | Hosting providers, Web agencies |
| ICANN Accreditation | Contract required | Required | Not required |
| Pricing Power | Sets wholesale price | Sets retail price | Adds margin |
Key Points
•
EPP (Extensible Provisioning Protocol) is the only official communication channel between registrar and registry
•
Anycast DNS is the core infrastructure for DDoS defense and global response speed
•
Transition from WHOIS to RDAP is ongoing โ RDAP provides structured JSON responses and access control
How It Works
1
Apply for ICANN registrar accreditation ($3,500 fee + review)
2
Build technical infrastructure: Anycast DNS, redundant nameservers, DDoS protection
3
Implement EPP protocol to integrate with registries (Verisign, etc.)
4
Build WHOIS/RDAP database and provide public lookup service
5
Establish data escrow agreement (ICANN requirement: backup domain data with third party)
6
Build user dashboard/API to provide domain registration/management service
7
Pass regular ICANN audits and maintain compliance
Pros
- ✓ Recurring revenue model (annual renewal fees)
- ✓ Revenue expansion through add-on services (SSL, email, DNS hosting)
- ✓ Stable demand as a core role in internet infrastructure
- ✓ Economies of scale reduce per-unit costs
Cons
- ✗ High barrier to entry for ICANN accreditation (cost, technology, time)
- ✗ Very low margins on domain registration ($1-3 above cost)
- ✗ High operational costs for Anycast DNS infrastructure
- ✗ Compliance burden of responding immediately to ICANN regulatory changes
Use Cases
Large-scale domain sales business (onamae.com, Namecheap)
Domain provision integrated with cloud/CDN services (Cloudflare)
Running as a reseller for web hosting company add-on services
Operating a ccTLD (.jp, .kr, etc.) specialized registrar