Root nameserver
A root name server is a name server for the Domain Name System's root zone. It directly answers requests for records in the root zone and answers other requests by returning a list of the designated authoritative name servers for the appropriate top-level domain (TLD). The root name servers are a critical part of the Internet because they are the first step in translating (resolving) human-readable host names into IP addresses that are used in communication between Internet hosts.

A combination of limits in the DNS and certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a limited number of root server addresses that can be accommodated in DNS name query responses. This limit has determined the number of name server installations at (currently) 13 clusters, serving the needs of the entire public Internet worldwide.

Root domain

The Domain Name System is a hierarchical naming system for computers, services, or any resource participating in the Internet. The top of that hierarchy is the root domain. The root domain does not have a formal name and its label in the DNS hierarchy is an empty string. All fully qualified domain names (FQDNs) on the Internet can be regarded as ending with this empty string for the root domain, and therefore ending in a full stop character (the label delimiter), e.g., "www.example.com.". This is generally implied rather than explicit, as modern DNS software does not actually require that the terminating dot be included when attempting to translate a domain name to an IP address.

The root domain contains all top-level domains of the Internet. As of June 2009, there are 20 generic top-level domains (gTLDs) and 248 country code top-level domains (ccTLDs) in the root domain. In addition, the ARPA domain is used for technical name spaces in the management of Internet addressing and other resources. A TEST domain is used for testing internationalized domain names.

Resolver operation

When a computer on the Internet needs to resolve a domain name, it uses resolver software to perform the lookup. A resolver breaks the name up into its labels from right to left. The first component (TLD) is queried using a root server to obtain the responsible authoritative server. Queries for each label return more specific name servers until a name server returns the answer of the original query.

In practice, most of this information does not change very often over a period of hours and therefore it is cached by intermediate name servers or by a name cache built into the user's application. DNS lookups to the root nameservers may therefore be relatively infrequent. A survey in 2003 reports that only 2% of all queries to the root servers were legitimate. Incorrect or non-existent caching was responsible for 75% of the queries, 12.5% were for unknown TLDs, 7% were for lookups using IP addresses as if they were domain names, etc. Some misconfigured desktop computers even tried to update the root server records for the TLDs. A similar list of observed problems and recommended fixes has been published in RFC 4697.

Although any local implementation of DNS can implement its own private root name servers, the term "root name server" is generally used to describe the thirteen well-known root name servers that implement the root name space domain for the Internet's official global implementation of the Domain Name System.

Root server addresses

There are currently 13 root name servers specified, with names in the form letter.root-servers.net, where letter ranges from A to M. This does not mean there are 13 physical servers; each operator uses redundant computer equipment to provide reliable service even if a failure of hardware or software occurs. Additionally, nine of the servers operate in multiple geographical locations using a routing technique called anycast, providing increased performance and even more fault tolerance.

Ten servers were originally in the United States; some are now operated via anycast. Three servers were originally located in Stockholm (I), Amsterdam (K), and Tokyo (M).

| Letter | IPv4 address | IPv6 address | AS-number | Old name | Operator | Location | #sites (global/local) | Software |
|---|---|---|---|---|---|---|---|---|
| A | 198.41.0.4 | 2001:503:ba3e::2:30 | AS19836 | ns.internic.net | Verisign | Distributed using anycast | 6/0 | BIND |
| B | 192.228.79.201 (since January 2004; originally was 128.9.0.107) | 2001:478:65::53 (not in root zone yet) | none | ns1.isi.edu | USC-ISI | Marina Del Rey, California, U.S. | 0/1 | BIND |
| C | 192.33.4.12 | 2001:500:2::c (not in root zone yet) | AS2149 | c.psi.net | Cogent Communications | Distributed using anycast | 6/0 | BIND |
| D | 128.8.10.90 | 2001:500:2d::d | AS27 | terp.umd.edu | University of Maryland | College Park, Maryland, U.S. | 1/0 | BIND |
| E | 192.203.230.10 | | AS297 | ns.nasa.gov | NASA | Mountain View, California, U.S. | 1/0 | BIND |
| F | 192.5.5.241 | 2001:500:2f::f | AS3557 | ns.isc.org | Internet Systems Consortium | Distributed using anycast | 2/47 | BIND 9 |
| G | 192.112.36.4 | | AS5927 | ns.nic.ddn.mil | Defense Information Systems Agency | Distributed using anycast | 6/0 | BIND |
| H | 128.63.2.53 | 2001:500:1::803f:235 | AS13 | aos.arl.army.mil | U.S. Army Research Lab | Aberdeen Proving Ground, Maryland, U.S. | 2/0 | NSD |
| I | 192.36.148.17 | 2001:7fe::53 | AS29216 | nic.nordu.net | Autonomica | Distributed using anycast | 36 | BIND |
| J | 192.58.128.30 (since November 2002; originally was 198.41.0.10) | 2001:503:c27::2:30 | AS26415 | | Verisign | Distributed using anycast | 63/7 | BIND |
| K | 193.0.14.129 | 2001:7fd::1 | AS25152 | | RIPE NCC | Distributed using anycast | 5/13 | NSD |
| L | 199.7.83.42 (since November 2007; originally was 198.32.64.12) | 2001:500:3::42 | AS20144 | | ICANN | Distributed using anycast | 37/1 | NSD |
| M | 202.12.27.33 | 2001:dc3::35 | AS7500 | | WIDE Project | Distributed using anycast | 5/1 | BIND |

Older servers had their own name before the policy of using similar names was established.

The choice of 13 nameservers was made because of limitations in the original DNS specification, which specifies a maximum packet size of 512 bytes when using the User Datagram Protocol (UDP). The addition of IPv6 addresses for the root nameservers requires more than 512 bytes, which is facilitated by the EDNS0 extension to the DNS standard. While only 13 names are used for the root nameservers, there are many more physical servers; A, C, F, I, J, K, L and M servers now exist in multiple locations on different continents, using anycast address announcements to provide decentralized service. As a result most of the physical root servers are now outside the United States, allowing for high performance worldwide.
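
The size argument above can be checked by building the response to a root NS query in DNS wire format, with name compression, once with IPv4 glue only and once with the IPv6 addresses added. This is an added example, not part of the original article; the addresses are those from the table on this page, the TTL is a placeholder, and the class and function names are illustrative.

```python
import ipaddress
import struct

NS, A, AAAA, IN = 2, 1, 28, 1
TTL = 3600000          # placeholder TTL; it does not affect the message size
CLASSIC_UDP_LIMIT = 512

# Addresses copied from the table on this page (E and G list no IPv6 address).
ROOT_V4 = {
    "a": "198.41.0.4", "b": "192.228.79.201", "c": "192.33.4.12",
    "d": "128.8.10.90", "e": "192.203.230.10", "f": "192.5.5.241",
    "g": "192.112.36.4", "h": "128.63.2.53", "i": "192.36.148.17",
    "j": "192.58.128.30", "k": "193.0.14.129", "l": "199.7.83.42",
    "m": "202.12.27.33",
}
ROOT_V6 = {
    "a": "2001:503:ba3e::2:30", "b": "2001:478:65::53", "c": "2001:500:2::c",
    "d": "2001:500:2d::d", "f": "2001:500:2f::f", "h": "2001:500:1::803f:235",
    "i": "2001:7fe::53", "j": "2001:503:c27::2:30", "k": "2001:7fd::1",
    "l": "2001:500:3::42", "m": "2001:dc3::35",
}


class Message:
    """Minimal DNS wire-format writer with name compression (RFC 1035, 4.1.4)."""

    def __init__(self):
        self.buf = bytearray(12)      # header, filled in last
        self.offsets = {}             # name suffix -> offset of its first use

    def put_name(self, fqdn):
        labels = [x for x in fqdn.lower().rstrip(".").split(".") if x]
        for i, label in enumerate(labels):
            suffix = ".".join(labels[i:])
            if suffix in self.offsets:            # seen before: 2-byte pointer
                self.buf += struct.pack("!H", 0xC000 | self.offsets[suffix])
                return
            if len(self.buf) < 0x4000:            # pointers hold 14 bits
                self.offsets[suffix] = len(self.buf)
            self.buf += bytes([len(label)]) + label.encode("ascii")
        self.buf += b"\x00"                       # root label ends the name

    def put_rr(self, owner, rtype, rdata=None, target=None):
        self.put_name(owner)
        self.buf += struct.pack("!HHI", rtype, IN, TTL)
        len_at = len(self.buf)
        self.buf += b"\x00\x00"                   # RDLENGTH, patched below
        if target is not None:
            self.put_name(target)                 # NS RDATA is a compressible name
        else:
            self.buf += rdata
        struct.pack_into("!H", self.buf, len_at, len(self.buf) - len_at - 2)


def priming_response(with_aaaa=False):
    """Build the response to a '. NS' query: 13 NS records plus address glue."""
    m = Message()
    m.put_name(".")
    m.buf += struct.pack("!HH", NS, IN)           # question section
    for letter in ROOT_V4:
        m.put_rr(".", NS, target=f"{letter}.root-servers.net.")
    for letter, addr in ROOT_V4.items():
        m.put_rr(f"{letter}.root-servers.net.", A,
                 rdata=ipaddress.ip_address(addr).packed)
    extra = len(ROOT_V4)
    if with_aaaa:
        for letter, addr in ROOT_V6.items():
            m.put_rr(f"{letter}.root-servers.net.", AAAA,
                     rdata=ipaddress.ip_address(addr).packed)
        extra += len(ROOT_V6)
    # ID 0, flags QR|AA, then QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
    struct.pack_into("!HHHHHH", m.buf, 0, 0, 0x8400, 1, len(ROOT_V4), 0, extra)
    return bytes(m.buf)


def fits_classic_udp(message):
    return len(message) <= CLASSIC_UDP_LIMIT


if __name__ == "__main__":
    for flag in (False, True):
        msg = priming_response(with_aaaa=flag)
        print(f"AAAA glue={flag}: {len(msg)} bytes, fits: {fits_classic_udp(msg)}")
```

With the table's addresses, the IPv4-only response is 436 bytes and the response carrying the eleven listed IPv6 addresses is 744 bytes, so the second needs EDNS0 (or a TCP retry) to be delivered whole.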

There are also several alternative namespace systems with an alternative DNS root using their own set of root nameservers that exist in parallel to the mainstream nameservers. The first, AlterNIC, generated a substantial amount of press.

The function of a root name server may also be implemented locally, or on a provider network. Such servers are synchronized with the official root zone file as published by ICANN, and do not constitute an alternate root.

As the root nameservers are an important part of the Internet, they have come under attack several times, although none of the attacks have ever been serious enough to severely affect the performance of the Internet.

Root server supervision

The DNS Root Server System Advisory Committee is an ICANN committee. However, the root zone is controlled by the United States Department of Commerce, which must approve all changes to the root zone file requested by ICANN. ICANN's bylaws assign authority over the operation of the root nameservers of the Domain Name System to the DNS Root Server System Advisory Committee.

Root zone file

The root zone file is a small (about 200 kB) data set whose publication is the primary purpose of root nameservers.

The root zone file is at the apex of a hierarchical distributed database called the Domain Name System (DNS). This database is used by almost all Internet applications to translate worldwide unique names like www.wikipedia.org into other identifiers such as IP addresses.

The root zone file contains a list of names and numeric IP addresses of the authoritative DNS servers for all top-level domains (TLDs) such as com, org, edu, or the country code top-level domains. On 12 December 2004, there were 258 TLDs and 773 different authoritative servers for those TLDs listed. Other name servers forward queries for which they do not have any information about authoritative servers to a root name server. The root name server, using its root zone file, answers with a referral to the authoritative servers for the appropriate TLD or with an indication that no such TLD exists.
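
The referral-or-no-such-TLD decision described above, together with two of the junk query types named under "Resolver operation" (unknown TLDs and IP addresses used as names), can be shown over a small zone fragment. This is an added example, not part of the original article; the zone lines, server names, addresses and query names are constructed placeholders, and the function names are illustrative.

```python
import ipaddress
from collections import Counter

# Constructed root zone fragment in master-file syntax. The name server names
# and addresses are placeholders (documentation ranges), not real root zone data.
ZONE = """\
com.              172800 IN NS   ns1.nic.example.
com.              172800 IN NS   ns2.nic.example.
org.              172800 IN NS   ns1.nic.example.
ns1.nic.example.  172800 IN A    192.0.2.1
ns1.nic.example.  172800 IN AAAA 2001:db8::1
ns2.nic.example.  172800 IN A    192.0.2.2
"""

# Constructed query names, as they might arrive at a root server.
QUERIES = [
    "www.wikipedia.org", "www.example.com.", "192.0.2.55",
    "fileserver.lan", "wpad.corp", "2001:db8::5",
]


def parse_zone(text):
    """Return (delegations, glue): TLD -> NS names, NS name -> addresses."""
    delegations, glue = {}, {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        owner, _ttl, _cls, rtype, rdata = line.split(None, 4)
        owner = owner.lower().rstrip(".")
        if rtype == "NS":
            delegations.setdefault(owner, []).append(rdata.lower())
        elif rtype in ("A", "AAAA"):
            glue.setdefault(owner + ".", []).append(rdata)
    return delegations, glue


def root_answer(qname, delegations, glue):
    """Answer as a root server would: referral for a known TLD, else NXDOMAIN."""
    labels = [x for x in qname.lower().rstrip(".").split(".") if x]
    if not labels:
        return {"rcode": "NOERROR", "kind": "root-apex"}
    tld = labels[-1]                              # only the last label matters
    if tld not in delegations:
        return {"rcode": "NXDOMAIN", "tld": tld}
    servers = delegations[tld]
    return {"rcode": "NOERROR", "kind": "referral", "tld": tld, "ns": servers,
            "glue": {ns: glue.get(ns, []) for ns in servers}}


def classify(qname, delegations, glue):
    """Label a query: IP literal used as a name, unknown TLD, or referral."""
    try:
        ipaddress.ip_address(qname.rstrip("."))
        return "ip-as-name"
    except ValueError:
        pass
    answer = root_answer(qname, delegations, glue)
    return "unknown-tld" if answer["rcode"] == "NXDOMAIN" else "referral"


def summarize(queries, zone_text=ZONE):
    delegations, glue = parse_zone(zone_text)
    return Counter(classify(q, delegations, glue) for q in queries)


if __name__ == "__main__":
    d, g = parse_zone(ZONE)
    for q in QUERIES:
        print(f"{q:20} {classify(q, d, g):12} {root_answer(q, d, g)}")
    print(dict(summarize(QUERIES)))
```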

See also

  • Distributed denial of service attacks on root nameservers
  • EDNS0 (Extended DNS, version 0)
  • Internet backbone
  • Open Root Server Network
  • Blackhole server

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 