Root name servers are the servers located at the bottom (or root) of the Domain Name System hierarchy.
The DNS system converts Internet domain names such as www.example.com to numeric addresses such as 184.108.40.206 or 3a10:2g0:4:5::56 (hypothetical). DNS includes a hierarchy of “authoritative” names servers”, with different information pieces at each level of the domain. To translate the www.example.com, a resolver- that is the name server queried directly by the user- first has to locate where .com is, then example.com and eventually, www.example.com.
Root name servers are the authoritative name servers used by the resolvers to locate the TLDS- that is top-level domains (like .com).
The root zone
The root servers contain the information that comprises the root zone. This is a universal list of TLDs. This root zone is made up of:
- Non-specific top-level domains like .net, .com and .org
- Country-code top-level domain like .uk for United Kingdom and .au for Australia
- Internationalized top level domains- these are the same as country code top level domain names in the local character set of the respective country.
For each of those top-level domain, the root zone has the number addresses of nameservers which respond to the top-level domain contents. When a query about a top-level domain is sent, the root servers answer with the numerical addresses.
Who operates the root name servers?
The root servers are run by twelve different organisations:
- VeriSign Global Registry Services
- Information Sciences Institute (University of Southern California)
- NASA Ames Research Centre
- University of Maryland
- US Army Research Lab
- Internet Systems Consortium (ISC)
- US Department of Defence Network Information Centre
- WIDE project
- Cogent Communications
- RIPE NCC
Most of these organisations have been managing root servers since the Domain Name System was created. The list also reveals the early roots of the internet as a US-based military research.
Where are the root servers?
There are over 300 root servers strewn across the globe, in all six continents. They are accessible via 13 numeric IP addresses- one for each organisation that operates the root servers, except VeriSign, which is assigned two. Most of the addresses are given to multiple servers spread all over the world, so DNS queries sent to those addresses receive rapid responses from the local servers. This is not always so. About 10 years ago, there were but 13 root servers- one for each IP address- with ten in the US. However, major efforts by many root server operators have grown the global footprint of root servers in the last decade.
Because there are just thirteen root server Internet Protocol addresses, only thirteen root servers can be viewed for the one location at any point in time. Different servers with identical IP addresses can be viewed from various locations.
Who is responsible for the maintenance and operations of root name servers?
Each operating organisation is exclusively responsible for the IP address(es) of the root server it operates. The operating organisation decides the number of locations the IP address will be served from, and where those locations are. It will also determine how the hardware and software will be set up at each location, including their respective maintenance procedures. While some operators manage the servers from a single location, others operate multiple servers, with one being responsible for close to a 100. Each organisation is also responsible for generating its own funds.
What is the origin of the root zone?
The root zone comes from the Internet Assigned Numbers Authority or IANA, which is a sister organisation ofICANN (Internet Corporation for Assigned Names and Number). The root zone is signed by the DNSSEC for validation, and assigned to the root server operators who publish it on their root servers. The root server operators have no power to change the contents, hence they publish it as is issued to them.
How are root servers identified by resolvers?
The root servers are located at the bottom (root) of the DNS’ hierarchical structure, as such it is not easy to pass through the DNS hierarchy and identify them; the resolvers would not know where to search. Instead, a list of popular and seldom changed root server addresses is created, and all DNS resolvers have that list contained in their software.
If a root server needs to alter addresses- which has occurred twice in the last decade- this is not a significant issue. Older resolvers continue to operate by utilising the other available 12 root server address, and the list is updated as soon as the software itself is updated.
Although root servers are important infrastructure components, the breakdown of a single root server will be unnoticed by many internet users. Single servers that fail withdraw their address announcements, permitting requests to be responded to by a different server assigned to the same address. For example, when a particular root server is ineffective for a part of the world, there are 12 other root server IP addresses to select from.