DNS root zone
A DNS root zone is the top-level DNS zone in a hierarchical namespace using the Domain Name System (DNS) for computers. Most commonly it refers to the root zone of the largest global network, the Internet.
The US Department of Commerce NTIA exercises the ultimate authority over the DNS root zone of the Internet. The zone is managed by the Internet Assigned Numbers Authority (IANA) as the operator while a third party is contracted by the NTIA as the root zone maintainer. The IANA operator is ICANN and the root zone maintainer is Verisign, Inc.
A combination of limits in the DNS definition and in certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, restricts the number of root server addresses that can be accommodated in DNS name query responses. This limit has set the number of name server installations at (currently) 13 clusters, serving the needs of the entire public Internet worldwide.
Initialization of DNS service
There are thirteen root server clusters that are authoritative for queries to the global DNS root zone. The root servers hold the lists of names and addresses for the authoritative servers for all top-level domains. Every name lookup must either start with a query to a root server or use information that was once obtained from a root server.
The root servers have the official names a.root-servers.net to m.root-servers.net. However, to look up the IP address of a root server from these names, a DNS resolver must first be able to look up a root server to find the address of an authoritative server for the .net DNS zone. Clearly this creates a circular dependency, so the address of at least one root server must be known by a host in order to bootstrap access to the DNS. This is usually done by shipping the addresses of all known DNS root servers as a file with the computer operating system: the IP addresses of some root servers will change over the years, but only one correct address is needed for the resolver to obtain the current list of name servers. This file is called named.cache in the BIND nameserver reference implementation and a current version is officially distributed by ICANN's InterNIC.
Once the address of a single functioning root server is known, all other DNS information can be discovered recursively, and the address of any domain name may be found.
Redundancy and diversity
The root DNS servers are essential to the function of the Internet, as most Internet services, such as the World-Wide Web and electronic mail, are based on domain names. The DNS servers are potential points of failure for the entire Internet. For this reason, there are multiple root servers worldwide. The number has been limited to 13 in DNS responses because DNS was limited to 512-byte packets until protocol extensions (EDNS) were designed to lift this restriction. While it is possible to fit more entries into a packet of this size when using "label compression", 13 was chosen as a reliable limit. Since the introduction of IPv6, the next-generation Internet Protocol, previous practices are being modified and extra space is filled with IPv6 name servers.
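The size arithmetic behind the 13-server limit, as an added example that is not part of the original article: it encodes a legacy (non-EDNS) response to a `. NS` query with label compression and measures it against 512 bytes. The function names, the TTL and the zeroed addresses are constructed for illustration; record sizes do not depend on those values.

```python
import struct

def encode_name(name, offsets, pos):
    """Encode a domain name placed at byte offset pos, emitting an RFC 1035
    compression pointer to any suffix already recorded in offsets."""
    out = b""
    labels = [l for l in name.rstrip(".").split(".") if l]
    for i, label in enumerate(labels):
        suffix = ".".join(labels[i:]).lower()
        if suffix in offsets:
            return out + struct.pack("!H", 0xC000 | offsets[suffix])
        if pos + len(out) < 0x4000:          # pointers carry a 14-bit offset
            offsets[suffix] = pos + len(out)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"                     # root label terminates the name

def record(msg, offsets, owner, rtype, rdata_fn):
    """Append one class-IN resource record to msg (TTL is a constructed value)."""
    msg.extend(encode_name(owner, offsets, len(msg)))
    msg.extend(struct.pack("!HHI", rtype, 1, 3600000))
    rdata = rdata_fn(len(msg) + 2)           # RDATA starts after 2-byte RDLENGTH
    msg.extend(struct.pack("!H", len(rdata)) + rdata)

def priming_response(n_servers=13, n_aaaa=0):
    """Build a '. NS' response: n NS records, n A glue records, n_aaaa AAAA."""
    names = [f"{chr(ord('a') + i)}.root-servers.net" for i in range(n_servers)]
    msg, offsets = bytearray(), {}
    # Header: ID, flags (QR|AA), QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
    msg.extend(struct.pack("!HHHHHH", 0, 0x8400, 1, n_servers, 0,
                           n_servers + n_aaaa))
    msg.extend(b"\x00" + struct.pack("!HH", 2, 1))   # question: ". NS IN"
    for n in names:                                  # answer section, type NS
        record(msg, offsets, ".", 2,
               lambda pos, n=n: encode_name(n, offsets, pos))
    for n in names:                                  # glue, placeholder IPv4
        record(msg, offsets, n, 1, lambda pos: bytes(4))
    for n in names[:n_aaaa]:                         # glue, placeholder IPv6
        record(msg, offsets, n, 28, lambda pos: bytes(16))
    return bytes(msg)

def largest_fit(limit=512):
    """Largest count of same-suffix servers (NS + A glue) within limit bytes."""
    n = 1
    while n < 26 and len(priming_response(n + 1)) <= limit:
        n += 1
    return n

if __name__ == "__main__":
    print(len(priming_response()), len(priming_response(13, 2)), largest_fit())
```

With 13 servers the message is 436 bytes, which leaves room for two 28-byte AAAA glue records before a third would cross 512. Compression alone would admit 15 servers sharing one suffix, so 13 keeps a margin.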
The root name servers are hosted in multiple secure sites with high-bandwidth access to accommodate the traffic load. At first, all of these installations were located in the United States. However, the distribution has shifted and this is no longer the case. Usually each DNS server installation at a given site is physically a cluster of machines with load-balancing routers. A comprehensive list of servers, their locations, and properties is available at http://root-servers.org. As of June 2013 there were 374 root servers worldwide.
The modern trend is to use anycast addressing and routing to provide resilience and load balancing across a wide geographic area. For example, the j.root-servers.net root server, maintained by VeriSign, is represented by 70 (as of March 2013) individual server systems located around the world, which can be queried using anycast addressing.
The content of the root zone file is controlled by ICANN (Internet Corporation for Assigned Names and Numbers), which now operates the Internet Assigned Numbers Authority (IANA). Changes must also be approved by the US Department of Commerce NTIA. The physical zone file itself is generated and distributed by VeriSign to the various root server operators.