Root name server

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Template:Short description Template:Use American English Template:Use dmy dates

File:Ams-ix.k.root-servers.net.jpg
A Cisco 7301 router and a Juniper M7i, part of the K root-server instance at AMS-IX

A root name server is a name server for the root zone of the Domain Name System (DNS) of the Internet. It directly answers requests for records in the root zone and answers other requests by returning a list of the authoritative name servers for the appropriate top-level domain (TLD). The root name servers are a critical part of the Internet infrastructure because they are the first step in resolving human-readable host names into IP addresses that are used in communication between Internet hosts.

A combination of limits in the DNS and certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a decision to limit the number of root servers to thirteen server addresses.[1][2] However, enabled by the use of anycast addressing, the actual number of root server instances—1954—is much larger, since December 5, 2025Template:Dated maintenance category (articles)Script error: No such module "Check for unknown parameters"..[3]

Root domain

The DNS is a hierarchical naming system for computers, services, or any resource participating in the Internet. The top of that hierarchy is the root domain. The root domain does not have a formal name and its label in the DNS hierarchy is an empty string. All fully qualified domain names (FQDNs) on the Internet can be regarded as ending with this empty string for the root domain, and therefore ending in a full stop character (the label delimiter), e.g., "Template:Mono". This is generally implied rather than explicit, as modern DNS software does not actually require that the terminating dot be included when attempting to translate a domain name to an IP address.

The root domain contains all top-level domains of the Internet. since July 2015Template:Dated maintenance category (articles)Script error: No such module "Check for unknown parameters"., it contained 1058 TLDs, including 730 generic top-level domains (gTLDs) and 301 country code top-level domains (ccTLDs).Script error: No such module "Unsubst". In addition, the root domain is used for technical name spaces in the management of Internet addressing and other resources, as well as for testing internationalized domain names.Script error: No such module "Unsubst".

Resolver operation

When a computer on the Internet needs to resolve a domain name, it uses DNS resolver software to perform the lookup. A resolver breaks the name up into its labels from right to left. The first component (TLD) is queried using a root server to obtain the responsible authoritative server. Queries for each label return more specific name servers until a name server returns the answer of the original query.

In practice, most of this information does not change very often over a period of hours, and therefore it is cached by intermediate name servers or by a name cache built into the user's application. DNS lookups to the root name servers may therefore be relatively infrequent. A survey in 2003 reported that only 2% of all queries to the root servers were legitimate. Incorrect or non-existent caching was responsible for 75% of the queries, 12.5% were for unknown TLDs, and 7% were for lookups using IP addresses as if they were domain names.[4]

  1. REDIRECT Template:Update inline Some misconfigured desktop computers even tried to update the root server records for the TLDs. A similar list of observed problems and recommended fixes has been published in RFC 4697.Script error: No such module "Unsubst".

Although any local implementation of DNS can implement its own private root name servers, the term "root name server" is generally used to describe the thirteen well-known root name servers that implement the root name space domain for the Internet's official global implementation of the Domain Name System. Resolvers use a small 3 KB root.hints file published by Internic[5] to bootstrap this initial list of root server addresses; in other words, root.hints is necessary in order to break the circular dependency of needing to know the addresses of a root name server to lookup the same address.

Root server addresses

There are 13 logical root name servers specified, with logical names in the form Template:Mono, where Template:Mono ranges from a to m. The choice of 13 name servers was made because of limitations in the original DNS specification, which specifies a maximum packet size of 512 bytes when using the User Datagram Protocol (UDP).[6] Technically however, fourteen name servers fit into an IPv4 packet.

The addition of IPv6 addresses for the root name servers requires more than 512 bytes, which is facilitated by the EDNS0 extension to the DNS standard.[7]

Although 13 root name servers are specified, this does not mean that there are only 13 physical servers; each operator uses redundant computer equipment so that it can continue providing reliable service even if server hardware or software fails. Additionally, all operate in multiple geographical locations using a routing technique called anycast addressing, providing increased performance and even more fault tolerance. An informational homepage exists for every logical server (except G-Root) under the Root Server Technical Operations Association domain with web address in the form Template:Mono, where Template:Mono ranges from a to m.

Ten servers were originally in the United States; all are now operated using anycast addressing. Three servers were originally located in Stockholm, Sweden (I-Root), Amsterdam, Netherlands (K-Root), and Tokyo, Japan (M-Root) respectively.

Older servers had their own name before the policy of using similar names was established. Since the implementation of anycast addressing, most of the physical root servers are now outside the United States, allowing for high performance worldwide. A local instance is only visible to nearby networks, for example, particular exchange points.

Letter IPv4 address IPv6 address AS-number[8] Old name Operator Operator origin Location & no. of
sites (global/local)[9] 		Software
A Template:IPaddr Template:IPaddr AS19836,[8][note 1] AS36619, AS36620, AS36622, AS36625, AS36631, AS64820[note 2][10] ns.internic.net Verisign Script error: No such module "flag". Distributed using anycast
34/22 		NSD and Verisign ATLAS
B Template:IPaddr[11]Template:Refn Template:IPaddr[11] AS394353[12] ns1.isi.edu USC-ISI Script error: No such module "flag". Distributed using anycast
6/0 		BIND, GoDaddy[13] and Knot DNS[14]
C Template:IPaddr Template:IPaddr AS2149[8][15] c.psi.net Cogent Communications Script error: No such module "flag". Distributed using anycast
13/0 		BIND
D Template:IPaddr[note 3][16] Template:IPaddr AS10886[note 4][8][17] terp.umd.edu University of Maryland Script error: No such module "flag". Distributed using anycast
23/208 		NSD[18]
E Template:IPaddr Template:IPaddr AS21556[8][19] ns.nasa.gov NASA Ames Research Center Script error: No such module "flag". Distributed using anycast
130/198 		BIND and NSD
F Template:IPaddr Template:IPaddr AS3557[8][20] ns.isc.org Internet Systems Consortium Script error: No such module "flag". Distributed using anycast
129/225 		BIND[21] and Cloudflare [22]
G[note 5] Template:IPaddr[note 6] Template:IPaddr[note 6] AS5927[8][23] ns.nic.ddn.mil Defense Information Systems Agency Script error: No such module "flag". Distributed using anycast
6/0 		BIND
H Template:IPaddr[note 7][24] Template:IPaddr[note 8][24] AS1508[24][note 9][25] aos.arl.army.mil U.S. Army Research Lab Script error: No such module "flag". Distributed using anycast
12/0 		NSD
I Template:IPaddr Template:IPaddr AS29216[8][26] nic.nordu.net Netnod Script error: No such module "flag". Distributed using anycast
90/0 		BIND
J Template:IPaddr[note 10] Template:IPaddr AS26415,[8][27] AS36626, AS36628, AS36632[27] Verisign Script error: No such module "flag". Distributed using anycast
62/86 		NSD and Verisign ATLAS
K Template:IPaddr Template:IPaddr AS25152[8][28][29] RIPE NCC Script error: No such module "flag". Distributed using anycast
134/12 		BIND, NSD and Knot DNS[30]
L Template:IPaddr[note 11][31] Template:IPaddr[note 12][32] AS20144[8][33][34] ICANN Script error: No such module "flag". Distributed using anycast
143/0 		NSD and Knot DNS[35]
M Template:IPaddr Template:IPaddr AS7500[8][36][37] WIDE Project Template:JAP Distributed using anycast
8/19 		BIND
File:Root-current.svg
A map of the thirteen logical name servers, including anycasted instances, at the end of 2006

There are also several alternative namespace systems with an alternative DNS root using their own set of root name servers that exist in parallel to the mainstream name servers. The first, AlterNIC, generated a substantial amount of press.Script error: No such module "Unsubst".

The function of a root name server may also be implemented locally, or on a provider network. Such servers are synchronized with the official root zone file as published by ICANN, and do not constitute an alternate root.

Template:Missing information As the root name servers are an important part of the Internet, they have come under attack several times, although none of the attacks have ever been serious enough to severely affect the performance of the Internet.

Root server supervision

The DNS Root Server System Advisory Committee is an ICANN committee. ICANN's bylaws[38] say the committee provides advice to ICANN but the committee claims no authority over the servers or server operators.

Root zone file

The root zone file is a small (about 2 MB) data set[5] at the apex of the Domain Name System, and its publication is the primary purpose of root name servers. It is not to be confused with the root.hints file used to bootstrap a resolver.

The contents of the root zone file is a list of names and numeric IP addresses of the root domain authoritative DNS servers for all top-level domains (TLDs) such as com, org, edu, and the country code top-level domains (it also includes that info for root domain, the dot). On 12 December 2004, 773 different authoritative servers for the TLDs were listed. Later the number of TLDs increased greatly. since July 2020Template:Dated maintenance category (articles)Script error: No such module "Check for unknown parameters"., the root zone consisted of 1511 useful TLDs (excluded are: 55 domains that are not assigned, 8 that are retired, and 11 test domains). Other name servers forward queries for which they do not have any information about authoritative servers to a root name server. The root name server, using its root zone file, answers with a referral to the authoritative servers for the appropriate TLD or with an indication that no such TLD exists.[39]

See also

Script error: No such module "Portal".

Notes

<templatestyles src="Reflist/styles.css" />

  1. AS19836 is not listed by the RIPEstat tool, though one can see it in https://stat.ripe.net/AS19836#tabId=at-a-glance
  2. AS64820 is listed as "private use" in RIPE's RISwhois tool
  3. Since 3 January 2013; originally was Template:IPaddr.
  4. Since November 2017; originally was AS27.
  5. Formerly http://www.nic.mil/ (Internet Archive link); unlike all other DNS root servers, G-Root does not implement a homepage under root-servers.org, i.e. http://g.root-servers.org/Script error: No such module "Unsubst"..
  6. a b Unlike all other DNS root servers, G-Root does not respond to pings.
  7. Since 1 December 2015; originally was Template:IPaddr.
  8. Since 1 December 2015; originally was Template:IPaddr.
  9. Since 1 December 2015; originally was AS13.
  10. Since November 2002; originally was Template:IPaddr.
  11. Since 1 November 2007; originally was Template:IPaddr.
  12. Since 23 March 2016; originally was Template:IPaddr.

Script error: No such module "Check for unknown parameters".

References

<templatestyles src="Reflist/styles.css" />

  1. Script error: No such module "citation/CS1".
  2. Script error: No such module "citation/CS1".
  3. Script error: No such module "citation/CS1".
  4. Script error: No such module "citation/CS1".
  5. a b Script error: No such module "citation/CS1".
  6. RFC 1035 Domain names – implementation and specification
  7. ICANN: Accommodating IP Version 6 Address Resource Records for the Root of the Domain Name System
  8. a b c d e f g h i j k l AS-numbers and IP-addresses from Root-servers.org homepage checked 9 January 2014
  9. Location and sites from Root-servers.org homepage checked 5/12/2025
  10. Script error: No such module "citation/CS1".
  11. a b Script error: No such module "citation/CS1".
  12. Script error: No such module "citation/CS1".
  13. Script error: No such module "citation/CS1".
  14. Script error: No such module "citation/CS1".
  15. Script error: No such module "citation/CS1".
  16. Script error: No such module "citation/CS1".
  17. RISwhois, excluding less-specific AS3303 route announcement
  18. D-root History page
  19. Script error: No such module "citation/CS1".
  20. Script error: No such module "citation/CS1".
  21. Script error: No such module "citation/CS1".
  22. Script error: No such module "citation/CS1".
  23. Script error: No such module "citation/CS1".
  24. a b c Script error: No such module "citation/CS1".
  25. Script error: No such module "citation/CS1".
  26. Script error: No such module "citation/CS1".
  27. a b Script error: No such module "citation/CS1".
  28. Script error: No such module "citation/CS1".
  29. Script error: No such module "citation/CS1".
  30. K-root Homepage
  31. Script error: No such module "citation/CS1".
  32. Script error: No such module "citation/CS1".
  33. [1], excluding less-specific AS3303 route announcement
  34. Script error: No such module "citation/CS1".
  35. l.root-servers.net
  36. Script error: No such module "citation/CS1".
  37. Script error: No such module "citation/CS1".
  38. Script error: No such module "citation/CS1".
  39. ISOC, DNS Root Name Servers explained for the non-expert, (Available online, accessed 19 March 2010.)

Script error: No such module "Check for unknown parameters".

Further reading

External links

Retrieved from "http://debianws.lexgopc.com/wiki143/index.php?title=Root_name_server&oldid=4519228"