Root name server
A root name server is a name server for the Domain Name System's root zone. It directly answers requests for records in the root zone and answers other requests by returning a list of the authoritative name servers for the appropriate top-level domain (TLD). The public root name servers are a critical part of the Internet infrastructure because they are the first step in translating (resolving) human-readable host names into the IP addresses that are used in communication between Internet hosts.
A combination of limits in the DNS and certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a decision to limit the number of root servers to 13 logical servers. To serve the needs of the public Internet worldwide, the number of root server instances is 376 as of 22 August 2013.
The Domain Name System is a hierarchical naming system for computers, services, or any resource participating in the Internet. The top of that hierarchy is the root domain. The root domain does not have a formal name and its label in the DNS hierarchy is an empty string. All fully qualified domain names (FQDNs) on the Internet can be regarded as ending with this empty string for the root domain, and therefore ending in a full stop character (the label delimiter), e.g., www.example.com.. This is generally implied rather than explicit, as modern DNS software does not actually require that the terminating dot be included when attempting to translate a domain name to an IP address.
The root domain contains all top-level domains of the Internet. As of June 2009, there are 20 generic top-level domains (gTLDs) and 248 country code top-level domains (ccTLDs) in the root domain. In addition, the ARPA domain is used for technical name spaces in the management of Internet addressing and other resources. A TEST domain is used for testing internationalized domain names.
When a computer on the Internet needs to resolve a domain name, it uses resolver software to perform the lookup. A resolver breaks the name up into its labels from right to left. The first component (TLD) is queried using a root server to obtain the responsible authoritative server. Queries for each label return more specific name servers until a name server returns the answer of the original query.
In practice, most of this information does not change very often over a period of hours and therefore it is cached by intermediate name servers or by a name cache built into the user's application. DNS lookups to the root nameservers may therefore be relatively infrequent. A survey in 2003 reports that only 2% of all queries to the root servers were legitimate. Incorrect or non-existent caching was responsible for 75% of the queries, 12.5% were for unknown TLDs, 7% were for lookups using IP addresses as if they were domain names, etc. Some misconfigured desktop computers even tried to update the root server records for the TLDs. A similar list of observed problems and recommended fixes has been published in RFC 4697.
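The referral walk and the effect of caching on root traffic can be reproduced offline. The following is an added example, not part of the original article: the server names, zones and addresses are constructed placeholders, and `IterativeResolver` and `root_queries` are hypothetical names. Only delegations are cached, so a name under an unknown TLD still reaches the root every time.

```python
from collections import Counter

# Constructed delegation data; server names and addresses are placeholders.
REFERRALS = {  # server -> {delegated zone: server authoritative for it}
    "root": {"com": "tld-com", "org": "tld-org"},
    "tld-com": {"example.com": "ns-example"},
    "tld-org": {"wikipedia.org": "ns-wikipedia"},
}
RECORDS = {  # authoritative server -> {name: address}
    "ns-example": {"www.example.com": "192.0.2.10", "mail.example.com": "192.0.2.25"},
    "ns-wikipedia": {"www.wikipedia.org": "198.51.100.7"},
}

def suffixes(name):
    """Return the name and each parent domain, most specific first."""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

class IterativeResolver:
    def __init__(self, caching=True):
        self.caching = caching
        self.zone_cache = {}   # zone -> server, learned from referrals
        self.sent = Counter()  # number of queries sent to each server

    def query(self, server, name):
        """One query/response exchange: answer, referral, or no such name."""
        self.sent[server] += 1
        if name in RECORDS.get(server, {}):
            return "answer", RECORDS[server][name]
        for zone in suffixes(name):
            if zone in REFERRALS.get(server, {}):
                return "referral", (zone, REFERRALS[server][zone])
        return "nxdomain", None

    def resolve(self, fqdn):
        name = fqdn.rstrip(".").lower()  # the trailing dot is the root label
        # Start at the closest zone already cached, otherwise at the root.
        cached = (self.zone_cache[z] for z in suffixes(name) if z in self.zone_cache)
        server = next(cached, "root")
        while True:
            kind, data = self.query(server, name)
            if kind != "referral":
                return data
            zone, server = data
            if self.caching:
                self.zone_cache[zone] = server

def root_queries(names, caching):
    """Resolve all names; return the answers and how many queries hit the root."""
    resolver = IterativeResolver(caching)
    return [resolver.resolve(n) for n in names], resolver.sent["root"]
```
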
Although any local implementation of DNS can implement its own private root name servers, the term "root name server" is generally used to describe the thirteen well-known root name servers that implement the root name space domain for the Internet's official global implementation of the Domain Name System.
Root server addresses
As of February 2013, there are 13 root name servers specified, with names in the form letter.root-servers.net, where letter ranges from A to M. This does not mean there are 13 physical servers; each operator uses redundant computer equipment to provide reliable service even if failure of hardware or software occurs. Additionally, nine of the servers operate in multiple geographical locations using a routing technique called anycast, providing increased performance and even more fault tolerance.
Ten servers were originally in the United States; some are now operated via anycast. Three servers were originally located in Stockholm (I), Amsterdam (K), and Tokyo (M).
|Letter||IPv4 address||IPv6 address||AS-number||Old name||Operator||Location
|A||220.127.116.11||2001:503:ba3e::2:30||AS19836||ns.internic.net||Verisign||Distributed using anycast
|B||18.104.22.168[note 1]||2001:478:65::53||N/A||ns1.isi.edu||USC-ISI||Marina Del Rey, California, U.S.
|C||22.214.171.124||N/A[note 2]||AS2149||c.psi.net||Cogent Communications||Distributed using anycast
|D||126.96.36.199[note 3]||2001:500:2d::d||AS27||terp.umd.edu||University of Maryland||College Park, Maryland, U.S.
|E||188.8.131.52||N/A||AS297||ns.nasa.gov||NASA||Distributed using anycast
|F||184.108.40.206||2001:500:2f::f||AS3557||ns.isc.org||Internet Systems Consortium||Distributed using anycast
|G||220.127.116.11||N/A||AS5927||ns.nic.ddn.mil||Defense Information Systems Agency||Distributed using anycast
|H||18.104.22.168||2001:500:1::803f:235||AS13||aos.arl.army.mil||U.S. Army Research Lab||Aberdeen Proving Ground, Maryland, U.S.
|I||22.214.171.124||2001:7fe::53||AS29216||nic.nordu.net||Netnod||Distributed using anycast
|J||126.96.36.199[note 4]||2001:503:c27::2:30||AS26415|| ||Verisign||Distributed using anycast
|K||188.8.131.52||2001:7fd::1||AS25152|| ||RIPE NCC||Distributed using anycast
|L||184.108.40.206[note 5]||2001:500:3::42||AS20144|| ||ICANN||Distributed using anycast
|M||220.127.116.11||2001:dc3::35||AS7500|| ||WIDE Project||Distributed using anycast
Older servers had their own name before the policy of using similar names was established.
The choice of 13 nameservers was made because of limitations in the original DNS specification, which specifies a maximum packet size of 512 bytes when using the User Datagram Protocol (UDP). (Technically, however, 14 nameservers will fit in an IPv4 packet using the current IP addresses.) The addition of IPv6 addresses for the root nameservers requires more than 512 bytes, which is facilitated by the EDNS0 extension to the DNS standard. While only 13 names are used for the root nameservers, there are many more physical servers; the A, C, E, F, G, I, J, K, L and M servers now exist in multiple locations on different continents, using anycast address announcements to provide decentralized service. As a result, most of the physical root servers are now outside the United States, allowing for high performance worldwide.
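The 512-byte budget can be checked by building the response to a ". NS" query in wire format with RFC 1035 name compression. This is an added example, not part of the original article: `Message` and `priming_response` are hypothetical names, the glue addresses are constructed from documentation ranges (only their length matters), and the TTL is arbitrary.

```python
import ipaddress
import struct

TYPE_A, TYPE_NS, TYPE_AAAA, TYPE_OPT, CLASS_IN = 1, 2, 28, 41, 1
CLASSIC_UDP_LIMIT = 512  # maximum DNS payload over UDP without EDNS0

class Message:
    """Minimal DNS wire-format writer with RFC 1035 name compression."""
    def __init__(self):
        self.buf = bytearray(12)  # 12-byte header, filled in at the end
        self.offsets = {}         # name suffix -> offset of its first occurrence

    def put_name(self, fqdn):
        labels = [p for p in fqdn.split(".") if p]
        for i, label in enumerate(labels):
            suffix = ".".join(labels[i:]).lower()
            if suffix in self.offsets:  # seen before: emit a 2-byte pointer
                self.buf += struct.pack("!H", 0xC000 | self.offsets[suffix])
                return
            self.offsets[suffix] = len(self.buf)
            self.buf += bytes([len(label)]) + label.encode("ascii")
        self.buf += b"\x00"  # the root label (empty string) ends the name

    def put_rr(self, owner, rtype, rdata=b"", target=None, rclass=CLASS_IN, ttl=518400):
        self.put_name(owner)
        self.buf += struct.pack("!HHIH", rtype, rclass, ttl, 0)
        start = len(self.buf)
        if target is not None:
            self.put_name(target)  # NS rdata is itself a compressible name
        else:
            self.buf += rdata
        struct.pack_into("!H", self.buf, start - 2, len(self.buf) - start)

def priming_response(servers=13, aaaa=False, edns0=False):
    """Build the reply to a '. NS' query with glue for every root server."""
    names = [f"{chr(ord('a') + i)}.root-servers.net." for i in range(servers)]
    m = Message()
    m.put_name(".")
    m.buf += struct.pack("!HH", TYPE_NS, CLASS_IN)  # question section
    for n in names:
        m.put_rr(".", TYPE_NS, target=n)
    for i, n in enumerate(names):  # constructed glue; real addresses are the same size
        m.put_rr(n, TYPE_A, ipaddress.IPv4Address(f"192.0.2.{i + 1}").packed)
    for i, n in enumerate(names if aaaa else []):
        m.put_rr(n, TYPE_AAAA, ipaddress.IPv6Address(f"2001:db8::{i + 1:x}").packed)
    if edns0:  # OPT pseudo-record: the class field advertises the UDP payload size
        m.put_rr(".", TYPE_OPT, rclass=4096, ttl=0)
    extra = servers * (2 if aaaa else 1) + int(edns0)
    struct.pack_into("!HHHHHH", m.buf, 0, 0, 0x8400, 1, servers, 0, extra)
    return bytes(m.buf)
```

With IPv4 glue only, 13 servers produce a message that fits within `CLASSIC_UDP_LIMIT`, as does a 14th; adding an AAAA record per server pushes the same response past 512 bytes, which is why it depends on EDNS0.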
There are also several alternative namespace systems with an alternative DNS root using their own set of root nameservers that exist in parallel to the mainstream nameservers. The first, AlterNIC, generated a substantial amount of press.
The function of a root name server may also be implemented locally, or on a provider network. Such servers are synchronized with the official root zone file as published by ICANN, and do not constitute an alternate root.
As the root nameservers are an important part of the Internet, they have come under attack several times, although none of the attacks have ever been serious enough to severely affect the performance of the Internet.
Root server supervision
The DNS Root Server System Advisory Committee is an ICANN committee. However, the root zone is controlled by the United States Department of Commerce, which must approve all changes to the root zone file requested by ICANN. ICANN's bylaws assign authority over the operation of the root nameservers of the Domain Name System to the DNS Root Server System Advisory Committee.
Root zone file
The root zone file is at the apex of a hierarchical distributed database called the Domain Name System (DNS). This database is used by almost all Internet applications to translate worldwide unique names like www.wikipedia.org into other identifiers such as IP addresses.
The root zone file contains a list of names and numeric IP addresses of the authoritative DNS servers for all top-level domains (TLDs) such as com, org, edu, or the country code top-level domains. On 12 December 2004, there were 258 TLDs and 773 different authoritative servers for those TLDs listed. Other name servers forward queries for which they do not have any information about authoritative servers to a root name server. The root name server, using its root zone file, answers with a referral to the authoritative servers for the appropriate TLD or with an indication that no such TLD exists.
- Distributed denial of service attacks on root nameservers
- EDNS0 (Extended DNS, version 0)
- Internet backbone
- Open Root Server Network
- Blackhole server
- [note 1] (since January 2004; originally was 18.104.22.168)
- [note 2] expected 2001:500:2::c but not yet in zone
- [note 3] (since January 3, 2013; originally was 22.214.171.124)
- [note 4] (since November 2002; originally was 126.96.36.199)
- [note 5] (since November 2007; originally was 188.8.131.52)
- "List of top-level domains". ICANN.
- Duane Wessels, Marina Fomenkov (2003). "Wow, That’s a Lot of Packets" (PDF). Retrieved 2013-11-07.
- AS-numbers and IP-addresses from Root-servers.org homepage checked 22 August 2013
- Location and sites from Root-servers.org homepage checked 22 August 2013
- "New IPv4 address for b.root-servers.net".
- "D-Root is Changing its IPv4 Address on 3 January 2013".
- F-root | Internet Systems Consortium
- K-root Homepage
- "Advisory — "L Root" changing IP address on 1st November". ICANN.
- RFC 1035 Domain names - implementation and specification
- ICANN: Accommodating IP Version 6 Address Resource Records for the Root of the Domain Name System
- ICANN Bylaws XI-2.3
- IANA: Root Files
- ISOC, DNS Root Name Servers explained for the non-expert, (Available online, accessed 19 March 2010.)
- Root Server Technical Operations Association
- Root Servers' Geographical Locations on Google Maps
- DNS Root Server System Advisory Committee
- DNS Root Name Servers Explained For Non-Experts
- DNS Root Name Servers Frequently Asked Questions
- Location of Root servers in Asia-Pacific
- Bogus Queries received at the Root Servers
- ORSN, Open Root Server Network with IPv6 support in Europe
- RFC 2826 - IAB Technical Comment on the Unique DNS Root
- RFC 2870 - Root Name Server Operational Requirements
- RFC 4697 - Observed DNS Resolution Misbehavior (from observations on the Root Servers)