A root name server is a name server for the Domain Name System‘s root zone. It directly answers requests for records in the root zone and answers other requests by returning a list of the authoritative name servers for the appropriate top-level domain (TLD). The root name servers are a critical part of the Internet infrastructure because they are the first step in translating (resolving) human readable host names into IP addresses that are used in communication between Internet hosts.
A combination of limits in the DNS and certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a decision to limit the number of root servers to 13 logical servers. To serve the needs of the public Internet worldwide, the number of root server instances is 356 as of 6 March 2013.
As of February 2013, there are 13 root name servers specified, with names in the form letter.root-servers.net, where letter ranges from A to M. This does not mean there are 13 physical servers; each operator uses redundant computer equipment to provide reliable service even if failure of hardware or software occur. Additionally, nine of the servers operate in multiple geographical locations using a routing technique called anycast, providing increased performance and even more fault tolerance.
Ten servers were originally in the United States; some are now operated via anycast. Three servers were originally located in Stockholm (I), Amsterdam (K), and Tokyo (M).
|Letter||IPv4 address||IPv6 address||Old name||Operator|
|D||184.108.40.206||2001:500:2d::d||terp.umd.edu||University of Maryland|
|F||220.127.116.11||2001:500:2f::f||ns.isc.org||Internet Systems Consortium|
|G||18.104.22.168||N/A||ns.nic.ddn.mil||Defense Information Systems Agency|
|H||22.214.171.124||2001:500:1::803f:235||aos.arl.army.mil||U.S. Army Research Lab|
Older servers had their own name before the policy of using similar names was established.
The choice of 13 nameservers was made because of limitations in the original DNS specification,[why?] which specifies a maximum packet size of 512 bytes when using the User Datagram Protocol (UDP). The addition of IPv6 addresses for the root nameservers requires more than 512 bytes, which is facilitated by the EDNS0 extension to the DNS standard. While only 13 names are used for the root nameservers, there are many more physical servers; A, C, E, F, G, I, J, K, L and M servers now exist in multiple locations on different continents, using anycast address announcements to provide decentralized service. As a result most of the physical root servers are now outside the United States, allowing for high performance worldwide.
The DNS Root Server System Advisory Committee is an ICANN committee. However, the root zone is controlled by the United States Department of Commerce who must approve all changes to the root zone file requested by ICANN. ICANN’s bylaws assign authority over the operation of the root nameservers of the Domain Name System to the DNS Root Server System Advisory Committee.
Attacks on the Root Servers
On October 21, 2002 an attack lasting for approximately one hour was targeted at all 13 DNS root name servers.
This was the second significant failure of the root nameservers. The first caused the failure of seven machines in April 1997 due to a technical problem.
On February 6, 2007 an attack began at 10 AM UTC and lasted twenty-four hours. At least two of the root servers (G-ROOT and L-ROOT) reportedly suffered badly while two others (F-ROOT and M-ROOT) experienced heavy traffic. The latter largely contained the damage by distributing requests to other root server instances with anycast addressing. ICANN published a formal analysis shortly after the event.
Due to a lack of detail, speculation about the incident proliferated in the press until details were released.
On February 8, 2007 it was announced by Network World that: “If the United States found itself under a major cyberattack aimed at undermining the nation’s critical information infrastructure, the Department of Defense is prepared, based on the authority of the President, to launch […] an actual bombing of an attack source or a cyber counterattack.”
On February 12, 2012, a statement was posted on Pastebin cited to be from Anonymous, threatening an attack on the root servers on March 31, 2012.
DNS root server distribution
Now compare that with the distribution of Internet users across the same regions. We have kept the colors for the regions the same, so you can easily compare the two charts.
- Europe and North America together have only 36% of the Internet population, but 62% of the root servers.
- Asia has 45% of the Internet population, but only 17% of the root servers.
Internet users per root server
An interesting side note is that in 2007, the world average was 9.4 million Internet users per root server site. In 2012 it is, as you can see in the chart above, 7.6 million. That is definitely an improvement.
Asia on the other hand has gone from 16.7 million Internet users per root server site in 2007 to 20.3 million in 2012.
In other words, the world as whole is getting a better ratio between the number of Internet users and root servers, while Asia is getting a worse ratio.
In the past 5 years the world Internet population has doubled, and more than half of the new Internet users have come from Asia. It’s clearly a region that is becoming increasingly underserved in terms of DNS infrastructure.