Login
Login

Root name server

{{Short description|Name server for the DNS root zone}}

{{Use American English|date=January 2019}}

{{Use dmy dates|date=January 2020}}

File:ams-ix.k.root-servers.net.jpg 7301 router and a Juniper M7i, part of the K root-server instance at AMS-IX]]

A root name server is a name server for the root zone of the Domain Name System (DNS) of the Internet. It directly answers requests for records in the root zone and answers other requests by returning a list of the authoritative name servers for the appropriate top-level domain (TLD). The root name servers are a critical part of the Internet infrastructure because they are the first step in resolving human-readable host names into IP addresses that are used in communication between Internet hosts.

A combination of limits in the DNS and certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a decision to limit the number of root servers to thirteen server addresses.{{cite mailing list |url=https://lists.isc.org/pipermail/bind-users/2011-November/085653.html |title=Reason for Limited number of Root DNS Servers |date=11 November 2011 |access-date=8 January 2016 |mailing-list=bind-users |author=Mark Andrews, ISC }}{{cite web|url=https://www.netnod.se/dns/dns-root-server-faq|title=DNS root server FAQ|publisher=Netnod|access-date=18 January 2016}} The use of anycast addressing permits the actual number of root server instances to be much larger, and is 1,733 {{as of|2024|03|04|lc=on|df=US}}.{{cite web|url=https://root-servers.org/|title=root-servers.org|access-date=4 March 2024}}

Root domain

The DNS is a hierarchical naming system for computers, services, or any resource participating in the Internet. The top of that hierarchy is the root domain. The root domain does not have a formal name and its label in the DNS hierarchy is an empty string. All fully qualified domain names (FQDNs) on the Internet can be regarded as ending with this empty string for the root domain, and therefore ending in a full stop character (the label delimiter), e.g., "{{mono|www.example.com.}}". This is generally implied rather than explicit, as modern DNS software does not actually require that the terminating dot be included when attempting to translate a domain name to an IP address.

The root domain contains all top-level domains of the Internet. {{As of|2015|07}}, it contained 1058 TLDs, including 730 generic top-level domains (gTLDs) and 301 country code top-level domains (ccTLDs) in the root domain.{{cite web|url=https://www.iana.org/domains/root/db|title=Root Zone Database|publisher=IANA}} In addition, the {{mono|ARPA}} domain is used for technical name spaces in the management of Internet addressing and other resources. A {{mono|TEST}} domain is used for testing internationalized domain names.

Resolver operation

When a computer on the Internet needs to resolve a domain name, it uses resolver software to perform the lookup. A resolver breaks the name up into its labels from right to left. The first component (TLD) is queried using a root server to obtain the responsible authoritative server. Queries for each label return more specific name servers until a name server returns the answer of the original query.

In practice, most of this information does not change very often over a period of hours and therefore it is cached by intermediate name servers or by a name cache built into the user's application. DNS lookups to the root name servers may therefore be relatively infrequent. A survey in 2003 reported that only 2% of all queries to the root servers were legitimate. Incorrect or non-existent caching was responsible for 75% of the queries, 12.5% were for unknown TLDs, 7% were for lookups using IP addresses as if they were domain names, etc.{{cite web

|author=Duane Wessels |author2=Marina Fomenkov

|title=Wow, That's a Lot of Packets

|year=2003

|url=http://dns.measurement-factory.com/writings/wessels-pam2003-paper.pdf

|access-date = 7 November 2013}} Some misconfigured desktop computers even tried to update the root server records for the TLDs. A similar list of observed problems and recommended fixes has been published in RFC 4697.

Although any local implementation of DNS can implement its own private root name servers, the term "root name server" is generally used to describe the thirteen well-known root name servers that implement the root name space domain for the Internet's official global implementation of the Domain Name System. Resolvers use a small 3 KB root.hints file published by Internic to bootstrap this initial list of root server addresses; in other words, root.hints is necessary to break the circular dependency of needing to know the addresses of a root name server to lookup the same address.

Root server addresses

There are 13 logical root name servers specified, with logical names in the form {{mono|letter.root-servers.net}}, where {{mono|letter}} ranges from a to m. The choice of thirteen name servers was made because of limitations in the original DNS specification, which specifies a maximum packet size of 512 bytes when using the User Datagram Protocol (UDP).RFC 1035 Domain names – implementation and specification Technically however, fourteen name servers fit into an IPv4 packet. The addition of IPv6 addresses for the root name servers requires more than 512 bytes, which is facilitated by the EDNS0 extension to the DNS standard.[https://www.icann.org/en/system/files/files/sac-018-en.pdf ICANN: Accommodating IP Version 6 Address Resource Records for the Root of the Domain Name System]

This does not mean that there are only 13 physical servers; each operator uses redundant computer equipment to provide reliable service even if failure of hardware or software occurs. Additionally, all operate in multiple geographical locations using a routing technique called anycast addressing, providing increased performance and even more fault tolerance. An informational homepage exists for every logical server (except G-Root) under the [https://root-servers.org/ Root Server Technical Operations Association] domain with web address in the form {{mono|http://letter.root-servers.org/}}, where {{mono|letter}} ranges from a to m.

Ten servers were originally in the United States; all are now operated using anycast addressing. Three servers were originally located in Stockholm (I-Root), Amsterdam (K-Root), and Tokyo (M-Root) respectively.

Older servers had their own name before the policy of using similar names was established. With anycast, most of the physical root servers are now outside the United States, allowing for high performance worldwide.

class="wikitable sortable" style="font-size:85%;"
Letter

! IPv4 address

! IPv6 address

! AS-numberAS-numbers and IP-addresses from [https://root-servers.org/ Root-servers.org homepage] checked 9 January 2014

! Old name

! Operator

! Operator origin

! Location & no. of
sites (global/local)Location and sites from [http://root-servers.org/ Root-servers.org homepage] checked 10 October 2014

! Software

[http://a.root-servers.org/ A]

| {{IPaddr|198.41.0.4}}

| {{IPaddr|2001:503:ba3e::2:30}}

| AS19836,[https://stat.ripe.net/widget/bgplay#w.resource=AS19836&w.ignoreReannouncements=true&w.rrcs=0,1,6,7,11,14,3,4,5,10,12,13,15&w.starttime=1356998400&w.endtime=1389250800&w.instant=null&w.type=bgp AS19836] is not listed by the RIPEstat tool, though one can see it in https://stat.ripe.net/AS19836#tabId=at-a-glance AS36619, AS36620, AS36622, AS36625, AS36631, AS64820[http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=198.41.0.4&matchtype=L&submit=Query+RISwhois AS64820] is listed as "private use" in RIPE's RISwhois tool{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=198.41.0.4&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |access-date=23 January 2014}}

| ns.internic.net

| Verisign

| {{USA}}

| Distributed using anycast
14/2

|NSD and Verisign ATLAS

[https://b.root-servers.org/ B]

| {{IPaddr|170.247.170.2}}{{cite web|url=https://www.iana.org/domains/root/servers|title=List of Root Servers}}{{refn|group=note|Originally it was {{IPaddr|128.9.0.107}}; on 29 January 2004, it was changed to {{IPaddr|192.228.79.201}}.{{Cite web |title=New IPv4 address for b.root-servers.net |url=https://b.root-servers.org/news/2004/02/02/new-ipv4.html |date=2004-02-02 |access-date=2023-10-23 |website=b.root-servers.org}} On 24 October 2017, it was changed to {{IPaddr|199.9.14.201}}.{{Cite web |title=B-Root's IPv4 address to be renumbered 2017-10-24 |url=https://b.root-servers.org/news/2017/08/09/new-ipv4.html |date=2017-08-09 |access-date=2023-10-23 |website=b.root-servers.org}} On 27 November 2023 it was changed to {{IPaddr|170.247.170.2}}, which is the current address.{{Cite web |title=New addresses for b.root-servers.net |url=https://b.root-servers.org/news/2023/05/16/new-addresses.html |date=2023-05-16 |access-date=2023-10-23 |website=b.root-servers.org}}{{Cite web |title=LACNIC asigna recursos de numeración al servidor raíz de USC/ISI |trans-title=LACNIC assigns numbering resources to the USC/ISI root server |url=https://www.lacnic.net/6868/1/lacnic/lacnic-asigna-recursos-de-numeracion-al-servidor-raiz-de-usc_isi |date=2023-05-30 |access-date=2023-10-23 |website=www.lacnic.net |language=es}}}}

| {{IPaddr|2801:1b8:10::b}}

| AS394353{{cite web|url=https://root-servers.org/|title=Root Server Technical Operations Assn|date=7 August 2017|publisher=root-servers.org|access-date=7 August 2017}}

| ns1.isi.edu

| USC-ISI

| {{USA}}

| Distributed using anycast
6/0

| BIND and Knot DNS{{cite web|url=https://b.root-servers.org/news/2021/02/18/bind-and-knot.html |title=B-Root Software Diversity With Bind and Knot |publisher=USC-ISI |date=18 February 2021 |access-date=21 February 2021}}

[https://c.root-servers.org/ C]

| {{IPaddr|192.33.4.12}}

| {{IPaddr|2001:500:2::c}}

| AS2149{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=192.33.4.12&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |date=13 October 2013 |access-date=23 January 2014}}

| c.psi.net

| Cogent Communications

| {{USA}}

| Distributed using anycast
10/0

| BIND

[http://d.root-servers.org/ D]

| {{IPaddr|199.7.91.13}}Since 3 January 2013; originally was {{IPaddr|128.8.10.90}}.{{cite web|url=http://d.root-servers.org/renumber.html|title=D-Root is Changing its IPv4 Address on 3 January 2013|access-date=16 December 2012|archive-url=https://web.archive.org/web/20130310100321/http://d.root-servers.org/renumber.html|archive-date=10 March 2013}}

| {{IPaddr|2001:500:2d::d}}

| AS10886Since November 2017; originally was AS27.[http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=199.7.91.13&matchtype=L&submit=Query+RISwhois RISwhois], excluding less-specific AS3303 route announcement

| terp.umd.edu

| University of Maryland

| {{USA}}

| Distributed using anycast
22/127

| NSD[http://d.root-servers.org/history.html D-root History page]

[https://e.root-servers.org/ E]

| {{IPaddr|192.203.230.10}}

| {{IPaddr|2001:500:a8::e}}

| AS21556{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=192.203.230.10&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |access-date=30 October 2017}}

| ns.nasa.gov

| NASA Ames Research Center

| {{USA}}

| Distributed using anycast
117/137

| BIND and NSD

[https://www.isc.org/f-root/ F]

| {{IPaddr|192.5.5.241}}

| {{IPaddr|2001:500:2f::f}}

| AS3557{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=192.5.5.241&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |access-date=23 January 2014}}

| ns.isc.org

| Internet Systems Consortium

| {{USA}}

| Distributed using anycast
119/119

| BIND{{Cite web |url=https://www.isc.org/community/f-root/ |title=F-root {{!}} Internet Systems Consortium |access-date=9 September 2009 |archive-date=25 March 2013 |archive-url=https://web.archive.org/web/20130325180234/http://www.isc.org/community/f-root}} and Cloudflare {{Cite web |title=Delivering Dot |url=https://blog.cloudflare.com/f-root/}}

[https://disa.mil/G-Root G]Formerly [https://web.archive.org/web/20110621074912/http://www.nic.mil/ http://www.nic.mil/ (Internet Archive link)]; unlike all other DNS root servers, G-Root does not implement a homepage under root-servers.org, i.e. [http://g.root-servers.org/ http://g.root-servers.org/]{{dead link|date=April 2018 |bot=InternetArchiveBot |fix-attempted=yes }}.

| {{IPaddr|192.112.36.4}}Unlike all other DNS root servers, G-Root does not respond to pings.

| {{IPaddr|2001:500:12::d0d}}

| AS5927{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=192.112.36.4&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |date=18 September 2013 |access-date=23 January 2014}}

| ns.nic.ddn.mil

| Defense Information Systems Agency

| {{USA}}

| Distributed using anycast
6/0

| BIND

[https://h.root-servers.org/ H]

| {{IPaddr|198.97.190.53}}Since 1 December 2015; originally was {{IPaddr|128.63.2.53}}.

| {{IPaddr|2001:500:1::53}}Since 1 December 2015; originally was {{IPaddr|2001:500:1::803f:235}}.{{cite web|publisher=DNSOP|url=https://www.ietf.org/mail-archive/web/dnsop/current/msg15330.html|title=Advance notice – H-root address change on December 1, 2015 | date=31 August 2015 | access-date=19 February 2018}}

| AS1508Since 1 December 2015; originally was AS13.{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=128.63.2.53&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |date=2 January 2014 |access-date=23 January 2014}}

| aos.arl.army.mil

| U.S. Army Research Lab

| {{USA}}

| Distributed using anycast
8/0

| NSD

[https://web.archive.org/web/20101123140731/http://i.root-servers.org/ I]

| {{IPaddr|192.36.148.17}}

| {{IPaddr|2001:7fe::53}}

| AS29216{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=192.36.148.17&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |access-date=23 January 2014}}

| nic.nordu.net

| Netnod

| {{SWE}}

| Distributed using anycast
63/2

| BIND

[http://j.root-servers.org/ J]

| {{IPaddr|192.58.128.30}}Since November 2002; originally was {{IPaddr|198.41.0.10}}.

| {{IPaddr|2001:503:c27::2:30}}

| AS26415,{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=192.58.128.30&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |access-date=23 January 2014}} AS36626, AS36628, AS36632

| {{n/a}}

| Verisign

| {{USA}}

| Distributed using anycast
63/55

|NSD and Verisign ATLAS

[https://www.ripe.net/analyse/dns/k-root/ K]

| {{IPaddr|193.0.14.129}}

| {{IPaddr|2001:7fd::1}}

| AS25152{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=193.0.14.129&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |date=20 June 2013 |access-date=23 January 2014}}{{cite web|url=https://www.peeringdb.com/asn/25152|title=Peering Networks Detailed View|date=21 October 2013|publisher=Peeringdb.com|access-date=23 January 2014}}

| {{n/a}}

| RIPE NCC

| {{NED}}

| Distributed using anycast
70/3

| BIND, NSD and Knot DNS[http://k.root-servers.org/ K-root Homepage]

[http://l.root-servers.org/ L]

| {{IPaddr|199.7.83.42}}Since 1 November 2007; originally was {{IPaddr|198.32.64.12}}.{{cite web|publisher=ICANN|url=https://www.icann.org/news/blog/advisory-l-root-changing-ip-address-on-1st-november|title=Advisory — "L Root" changing IP address on 1 November}}

| {{IPaddr|2001:500:9f::42}}Since 23 March 2016; originally was {{IPaddr|2001:500:3::42}}.{{cite web|publisher=ICANN|url=http://www.dns.icann.org/2015/11/05/l-root-ipv6-renumbering/|title=L-Root IPv6 Renumbering|archive-url=https://web.archive.org/web/20160422133507/http://www.dns.icann.org/2015/11/05/l-root-ipv6-renumbering/|archive-date=22 April 2016}}

| AS20144[http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=199.7.83.42&matchtype=L&submit=Query+RISwhois], excluding less-specific AS3303 route announcement{{cite web|url=https://www.peeringdb.com/asn/20144|title=Peering Networks Detailed View|date=15 April 2013|publisher=Peeringdb.com|access-date=23 January 2014}}

| {{n/a}}

| ICANN

| {{USA}}

| Distributed using anycast
165/0

| NSD and Knot DNS[http://l.root-servers.org/ l.root-servers.net]

[https://m.root-servers.org/ M]

| {{IPaddr|202.12.27.33}}

| {{IPaddr|2001:dc3::35}}

| AS7500{{cite web|url=http://www.ris.ripe.net/cgi-bin/riswhois.cgi?address=202.12.27.33&matchtype=L&submit=Query+RISwhois |title=RIS – RIPE Network Coordination Centre |publisher=Ris.ripe.net |date=21 October 2013 |access-date=23 January 2014}}{{cite web|url=https://www.peeringdb.com/asn/7500|title=Peering Networks Detailed View|date=23 December 2013|publisher=Peeringdb.com|access-date=23 January 2014}}

| {{n/a}}

| WIDE Project

| {{JAP}}

| Distributed using anycast
4/1

| BIND

File:Root-current.svg

There are also several alternative namespace systems with an alternative DNS root using their own set of root name servers that exist in parallel to the mainstream name servers. The first, AlterNIC, generated a substantial amount of press.{{Citation needed|date=October 2010}}

The function of a root name server may also be implemented locally, or on a provider network. Such servers are synchronized with the official root zone file [https://www.internic.net/zones/root.zone as published] by ICANN, and do not constitute an alternate root.

{{missing information|section|2010 and 2012 China GFW issues with anycast endpoints|date=July 2020}}

As the root name servers are an important part of the Internet, they have come under attack several times, although none of the attacks have ever been serious enough to severely affect the performance of the Internet.

Root server supervision

The DNS Root Server System Advisory Committee is an ICANN committee. ICANN's bylaws{{Cite web|url=https://www.icann.org/resources/pages/governance/bylaws-en#XI-2.3|title=BYLAWS FOR INTERNET CORPORATION FOR ASSIGNED NAMES AND NUMBERS {{!}} A California Nonprofit Public-Benefit Corporation – ICANN|website=www.icann.org|access-date=10 July 2019}} say the committee provides advice to ICANN but the committee claims no authority over the servers or server operators.

Root zone file

The root zone file is a small (about 2 MB) data set{{Cite web|url=https://www.iana.org/domains/root/files|title=IANA – Root Files|website=www.iana.org|access-date=10 July 2019}} whose publication is the primary purpose of root name servers. This is not to be confused with the root.hints file used to bootstrap a resolver.

The root zone file is at the apex of a hierarchical distributed database called the Domain Name System (DNS). This database is used by almost all Internet applications to translate worldwide unique names such as www.wikipedia.org into other identifiers such as IP addresses.

The contents of the root zone file is a list of names and numeric IP addresses of the root domain authoritative DNS servers for all top-level domains (TLDs) such as com, org, edu, and the country code top-level domains (it also includes that info for root domain, the dot). On 12 December 2004, 773 different authoritative servers for the TLDs were listed. Later the number of TLDs increased greatly. {{As of|2020|07}}, the root zone consisted of 1511 useful TLDs (excluded are: 55 domains that are not assigned, 8 that are retired, and 11 test domains). Other name servers forward queries for which they do not have any information about authoritative servers to a root name server. The root name server, using its root zone file, answers with a referral to the authoritative servers for the appropriate TLD or with an indication that no such TLD exists.ISOC, DNS Root Name Servers explained for the non-expert, ([https://www.internetsociety.org/resources/doc/2004/the-internet-domain-name-system-explained-for-non-experts-by-daniel-karrenberg/ Available online], accessed 19 March 2010.)

See also

{{Portal|Internet}}

Notes

{{reflist|group=note}}

References

{{Reflist}}

Further reading

  • [https://root-servers.org/ Root Server Technical Operations Association]
  • [https://www.iana.org/domains/root/servers List of Root Servers, IANA]
  • [https://www.circleid.com/posts/dns_root_servers_google_maps/ Root Servers' Geographical Locations on Google Maps]
  • [https://web.archive.org/web/20030927191521/http://www.rssac.org/ DNS Root Server System Advisory Committee]
  • [https://www.internetsociety.org/resources/doc/2004/the-internet-domain-name-system-explained-for-non-experts-by-daniel-karrenberg/ DNS Root Name Servers Explained For Non-Experts]
  • [https://www.internetsociety.org/briefings/020/ DNS Root Name Servers Frequently Asked Questions]
  • [https://web.archive.org/web/20051229123012/http://www.apnic.net/services/rootserver/ Location of Root servers in Asia-Pacific]
  • [https://www.bind9.net/dnshealth/ Bogus Queries received at the Root Servers] {{Webarchive|url=https://web.archive.org/web/20060821195930/http://www.bind9.net/dnshealth/ |date=21 August 2006 }}
  • {{IETF RFC|2826|link=no}} – IAB Technical Comment on the Unique DNS Root
  • {{IETF RFC|2870|link=no}} – Root Name Server Operational Requirements
  • {{IETF RFC|4697|link=no}} – Observed DNS Resolution Misbehavior (from observations on the Root Servers)
  • [https://project-is-offline.orsn.net/ ORSN, Open Root Server Network – an unrelated, competing DNS-based name infrastructure]
  • [https://www.icann.org/en/system/files/files/rssac-023-04nov16-en.pdf RSSAC023, about the origins]

External links

  • [https://root-servers.org/ Root Server Technical Operations Association]
  • [https://www.iana.org/domains/root/files Root Files, IANA]
  • [https://project-is-offline.orsn.net/ orsn.org Open Root Server Network]
  • [https://www.internic.net/domain/root-servers.net.zone root-servers.net.zone]
  • [https://web.archive.org/web/20070606075755/http://private.dnsstuff.com/info/roottimes.htm Root Server response times]
  • [https://www.internetsociety.org/resources/doc/2004/the-internet-domain-name-system-explained-for-non-experts-by-daniel-karrenberg/ DNS root nameservers explained for non-experts]

{{DEFAULTSORT:Root Name Server}}

Category:Domain Name System