The Full Wiki

Root nameserver: Wikis


Note: Many of our articles have direct quotes from sources you can cite, within the Wikipedia article! This article doesn't yet, but we're working on it! See more info or our list of citable articles.


From Wikipedia, the free encyclopedia

A Cisco 7301 router, part of the AMS-IX mirror of the K root-server.

A root name server is a name server for the Domain Name System's root zone. It directly answers requests for records in the root zone and answers other requests returning a list of the designated authoritative name servers for the appropriate top-level domain (TLD). The root name servers are a critical part of the Internet because they are the first step in translating (resolving) human readable host names into IP addresses that are used in communication between Internet hosts.


Root domain

The Domain Name System is a hierarchical naming system for computers, services, or any resource participating in the Internet. The top of that hierarchy is the root domain. The root domain does not have a formal name and its label in the DNS hierarchy is an empty string. All fully qualified domain names (FQDNs) on the Internet can be regarded as ending with this empty string for the root domain, and therefore ending in a full stop character (the label delimiter), e.g., This is generally implied rather than explicit, as modern DNS software does not actually require that the terminating dot be included when attempting to translate a domain name to an IP address.

The root domain contains all top-level domains of the Internet. As of June 2009, there are 20 generic top-level domains (gTLDs) and 248 country code top-level domains (ccTLDs) in the root domain.[1] In addition, the ARPA domain is used for technical name spaces in the management of Internet addressing and other resources. A TEST domain is used for testing internationalized domain names.

Resolver operation

When a computer on the Internet needs to resolve a domain name, it uses resolver software to perform the lookup. A resolver breaks the name up into its labels from right to left. The first component (TLD) is requeried using a root server to obtain the responsible authoritative server. Queries for each label return more specific name servers until a name server returns the answer of the original query.

In practice, most of this information does not change very often over a period of hours and therefore it is cached by intermediate name servers or by a name cache built into the user's application. DNS lookups to the root nameservers may therefore be relatively infrequent. A survey in 2003 [2] reports that only 2% of all queries to the root servers were legitimate. Incorrect or non-existent caching was responsible for 75% of the queries, 12.5% were for unknown TLDs, 7% were for lookups using IP addresses as if they were domain names, etc. Some misconfigured desktop computers even tried to update the root server records for the TLDs. A similar list of observed problems and recommended fixes has been published in RFC 4697.

Although any local implementation of DNS can implement its own private root name servers, the term "root name server" is generally used to describe the thirteen well-known root name servers that implement the root name space domain for the Internet's official global implementation of the Domain Name System.

Root server addresses

There are currently 13 root name servers specified, with names in the form, where letter ranges from A to M. This does not mean there are 13 physical servers; each operator uses redundant computer equipment to provide reliable service even if failure of hardware or software occur. Additionally, nine of the servers operate in multiple geographical locations using a routing technique called anycast, providing increased performance and even more fault tolerance.

Letter IPv4 address IPv6 address Old name Operator Location Software
A 2001:503:BA3E::2:30 VeriSign distributed using anycast BIND
B 2001:478:65::53 (not in root zone yet) USC-ISI Marina Del Rey, California, U.S. BIND
C Cogent Communications distributed using anycast BIND
D University of Maryland College Park, Maryland, U.S. BIND
E NASA Mountain View, California, U.S. BIND
F 2001:500:2f::f Internet Systems Consortium distributed using anycast BIND 9[3]
G Defense Information Systems Agency distributed using anycast BIND
H 2001:500:1::803f:235 U.S. Army Research Lab Aberdeen Proving Ground, Maryland, U.S. NSD
I 2001:7fe::53 (testing, not in root zone yet) Autonomica distributed using anycast BIND
J 2001:503:C27::2:30 VeriSign distributed using anycast BIND
K 2001:7fd::1 RIPE NCC distributed using anycast NSD[4]
L (since November 2007; originally was[5] 2001:500:3::42 ICANN distributed using anycast NSD[6]
M 2001:dc3::35 WIDE Project distributed using anycast BIND

Older servers had their own name before the policy of using similar names was established.

The choice of 13 nameservers was made because of limitations in the original DNS specification, which specifies a maximum packet size of 512 bytes when using the User Datagram Protocol (UDP).[7] The addition of IPv6 addresses for the root nameservers requires more than 512 bytes, which is facilitated by the EDNS0 extension to the DNS standard.[8] While only 13 names are used for the root nameservers, there are many more physical servers; C, F, I, J, K, L and M servers now exist in multiple locations on different continents, using anycast address announcements to provide decentralized service. As a result most of the physical root servers are now outside the United States, allowing for high performance worldwide.

At the end of 2006 there were a total of 13 root nameservers, including Anycast servers.

There are also quite a few alternative namespace systems with their own set of root nameservers that exist in opposition to the mainstream nameservers. The first, AlterNIC, generated a substantial amount of press. See Alternative DNS root for more information.

Root name servers may also be run locally, on provider or other types of networks, synchronized with the US Department of Commerce delegated root zone file as published by ICANN. Such a server is not an alternative root, but a local implementation of A through M.

As the root nameservers function as an important part of the Internet, they have come under attack several times, although none of the attacks have ever been serious enough to severely hamper the performance of the Internet.

Root server supervision

The DNS Root Server System Advisory Committee is an ICANN committee. ICANN's bylaws[9] assign authority over the operation of the root nameservers of the Domain Name System to the DNS Root Server System Advisory Committee.

See also


External links



Got something to say? Make a comment.
Your name
Your email address