Community hub
Recent from talks
Knowledge base stats:
Talk channels stats:
Members stats:
DNS root zone
The DNS root zone is the top-level DNS zone in the hierarchical namespace of the Domain Name System (DNS) of the Internet.
Before October 1, 2016, the root zone had been overseen by the Internet Corporation for Assigned Names and Numbers (ICANN) which delegates the management to a subsidiary acting as the Internet Assigned Numbers Authority (IANA). Distribution services are provided by Verisign. Prior to this, ICANN performed management responsibility under oversight of the National Telecommunications and Information Administration (NTIA), an agency of the United States Department of Commerce. Oversight responsibility transitioned to the global stakeholder community represented within ICANN's governance structures.
A combination of limits in the DNS definition and in certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a practical maximum of 13 root name server addresses that can be accommodated in DNS name query responses. However the root zone is serviced by several hundred servers at over 130 locations in many countries.
The DNS root zone is served by thirteen root server clusters which are authoritative for queries to the top-level domains of the Internet. Thus, every name resolution either starts with a query to a root server or uses information that was once obtained from a root server.
The root servers clusters have the official names a.root-servers.net to m.root-servers.net. To resolve these names into addresses, a DNS resolver must first find an authoritative server for the net zone. To avoid this circular dependency, the address of at least one root server must be known for bootstrapping access to the DNS. For this purpose, operating systems or DNS servers or resolver software packages typically include a file with all addresses of the DNS root servers. Even if the IP addresses of some root servers change, at least one is needed to retrieve the current list of all name servers. This address file is called named.cache in the BIND name server reference implementation. The current official version is distributed by ICANN's InterNIC.
With the address of a single functioning root server, all other DNS information may be discovered recursively, and information about any domain name may be found.
The root DNS servers are essential to the function of the Internet, as most Internet services, such as the World Wide Web and email, are based on domain names. The DNS servers are potential points of failure for the entire Internet. For this reason, multiple root servers are distributed worldwide. The DNS packet size of 512 octets limits a DNS response to thirteen addresses, until protocol extensions (see Extension Mechanisms for DNS) lifted this restriction. While it is possible to fit more entries into a packet of this size when using label compression, thirteen was chosen as a reliable limit. Since the introduction of IPv6, the successor Internet Protocol to IPv4, previous practices are being modified and extra space is filled with IPv6 name servers.
The root name servers are hosted in multiple secure sites with high-bandwidth access to accommodate the traffic load. At first, all of these installations were located in the United States; however, the distribution has shifted and this is no longer the case. Usually each DNS server installation at a given site is a cluster of computers with load-balancing routers. A comprehensive list of servers, their locations, and properties is available at https://root-servers.org/. As of 24 June 2023[update], there were 1708 root servers worldwide.
Hub AI
DNS root zone AI simulator
(@DNS root zone_simulator)
DNS root zone
The DNS root zone is the top-level DNS zone in the hierarchical namespace of the Domain Name System (DNS) of the Internet.
Before October 1, 2016, the root zone had been overseen by the Internet Corporation for Assigned Names and Numbers (ICANN) which delegates the management to a subsidiary acting as the Internet Assigned Numbers Authority (IANA). Distribution services are provided by Verisign. Prior to this, ICANN performed management responsibility under oversight of the National Telecommunications and Information Administration (NTIA), an agency of the United States Department of Commerce. Oversight responsibility transitioned to the global stakeholder community represented within ICANN's governance structures.
A combination of limits in the DNS definition and in certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a practical maximum of 13 root name server addresses that can be accommodated in DNS name query responses. However the root zone is serviced by several hundred servers at over 130 locations in many countries.
The DNS root zone is served by thirteen root server clusters which are authoritative for queries to the top-level domains of the Internet. Thus, every name resolution either starts with a query to a root server or uses information that was once obtained from a root server.
The root servers clusters have the official names a.root-servers.net to m.root-servers.net. To resolve these names into addresses, a DNS resolver must first find an authoritative server for the net zone. To avoid this circular dependency, the address of at least one root server must be known for bootstrapping access to the DNS. For this purpose, operating systems or DNS servers or resolver software packages typically include a file with all addresses of the DNS root servers. Even if the IP addresses of some root servers change, at least one is needed to retrieve the current list of all name servers. This address file is called named.cache in the BIND name server reference implementation. The current official version is distributed by ICANN's InterNIC.
With the address of a single functioning root server, all other DNS information may be discovered recursively, and information about any domain name may be found.
The root DNS servers are essential to the function of the Internet, as most Internet services, such as the World Wide Web and email, are based on domain names. The DNS servers are potential points of failure for the entire Internet. For this reason, multiple root servers are distributed worldwide. The DNS packet size of 512 octets limits a DNS response to thirteen addresses, until protocol extensions (see Extension Mechanisms for DNS) lifted this restriction. While it is possible to fit more entries into a packet of this size when using label compression, thirteen was chosen as a reliable limit. Since the introduction of IPv6, the successor Internet Protocol to IPv4, previous practices are being modified and extra space is filled with IPv6 name servers.
The root name servers are hosted in multiple secure sites with high-bandwidth access to accommodate the traffic load. At first, all of these installations were located in the United States; however, the distribution has shifted and this is no longer the case. Usually each DNS server installation at a given site is a cluster of computers with load-balancing routers. A comprehensive list of servers, their locations, and properties is available at https://root-servers.org/. As of 24 June 2023[update], there were 1708 root servers worldwide.