Explaining Root Name Servers
Much like the file system on a computer, or any one of those trees I’m looking at outside my office window, the root is the critical origin point of the system. In the original design of DNS, as explained in RFC 882, the schema for the domain name system is organized not unlike a tree where root is the top.
Root is the first place where a recursive DNS server goes looking for information about an address that it doesn’t hold in its cache. An address, say example.com., looks like .com.example to a machine. We read example.com from left to right, but the DNS actually does it backwards and starts with that dot. The trailing dot is typically dropped from the end of an address, it’s rarely seen to even the most eagle-eyed of Internet users.
What Does 'Root' Do In The DNS?
Root is the all-knowing DNS zone, which contains the specific location of all of the Top-Level Domains (TLDs). Some examples of these are Generic TLDs (.com, .net, .org, .edu and .gov), Country Code TLDs (.uk, .de., .se, etc.) and Internationalized TLDs which are often written in a character set that corresponds to a specific language.
This diagram shows a very simplified version of a typical DNS transaction.
- The user types in example.com, which is sent to the recursive server.
- The recursive starts with the trailing dot, which is root. Root knows where com lives, so root says back to the recursive “I know where .com is, here’s how you get there”.
- The recursive, now knowing where .com lives, sends the request to .com’s server and says “hey there, I’m looking for example.com., do you know where I can find it?”.
- The .com TLD server, bustling with knowledge of where every one of its subordinates’ authoritative servers are says, “Why yes, example.com’s authority is with those folks over at NS1 - dns1.p01.nsone.net to be precise!”
- This information is then sent back to the recursive, which now knows to look to that authoritative DNS server to find the zone file for example.com.
- The information requested from the zone file is returned to the recursive, then returned to the user who initiated the request in the first place.
This all happens in the blink of an eye.
The 13 Root Name Servers
Much like NS1's anycast, globally distributed network of authoritative name servers, the root name server system is also distributed around the globe in strategic locations. For a primer on Anycasting, read this great explanation about anycast networking to learn more.
Twelve organizations are responsible for the operation of the root name servers, and can make seamless operational changes to the root servers to ensure that the Internet, and specifically the DNS, are always functioning. Some of the organizations that are part of this delegation have been around since the inception of the DNS.
; <<>> DiG 9.8.3-P1 <<>> ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49475 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 687 IN NS c.root-servers.net. . 687 IN NS e.root-servers.net. . 687 IN NS m.root-servers.net. . 687 IN NS g.root-servers.net. . 687 IN NS f.root-servers.net. . 687 IN NS k.root-servers.net. . 687 IN NS d.root-servers.net. . 687 IN NS i.root-servers.net. . 687 IN NS h.root-servers.net. . 687 IN NS a.root-servers.net. . 687 IN NS b.root-servers.net. . 687 IN NS j.root-servers.net. . 687 IN NS l.root-servers.net. ;; Query time: 32 msec ;; SERVER: 184.108.40.206#53(220.127.116.11) ;; WHEN: Fri Nov 11 14:31:30 2016 ;; MSG SIZE rcvd: 228
While there are only 13 addresses in delegation, a vestige of the UDP/TCP logic in the DNS, there are over 300 individual root servers around the globe to ensure redundancy. These individual root servers are the backbone of this essential service, and are the silent heroes in your everyday Internet perusal.