
There are 13 root name servers; they all behave identically. Most are in North America, although there are also servers in Japan and London. One of them (f.root-servers.net) is replicated in many places around the world, including at APE in New Zealand for domestic sites. ICANN is responsible for the root servers, although local institutions run the individual servers.

All they do is respond to DNS queries by replying with the address of a name server for the top-level domain of that query.

If you query a root name server with "www.example.com", it will reply with the address of one of the name servers for the ".com" top-level domain. Verisign are in charge of the .com top-level domain (as well as the .net TLD), so one of their name servers will be returned for example.com.

For example:

    $ host -t ns -d com.
    ...
    com. 2D IN NS a.gtld-servers.net.
    com. 2D IN NS c.gtld-servers.net.
    ... (etc - rest of the letters between a and m in a random order)
    com. 2D IN NS m.gtld-servers.net.
    a.gtld-servers.net. 1d21h3m46s IN A 192.5.6.30
    c.gtld-servers.net. 1d21h3m46s IN A 192.26.92.30
    ... (etc) ...
    d.gtld-servers.net. 1d21h3m46s IN A 192.31.80.30
    m.gtld-servers.net. 1d22h33m31s IN A 192.55.83.30

So for the next 2 days, my name server will remember these name servers for the ".com" domain.

In theory, the root name servers should not have **that** many requests, as the name servers below them only need to query them once every 2 days for each top-level domain (including the country codes, ccTLDs) that an incoming request is for.

In practice, badly configured machines and networks are constantly sending requests for names that shouldn't leave private networks (such as .elvis, .tla, etc). Some companies even block incoming UDP packets, so they never receive the DNS reply, and so keep sending out bad requests. Recent studies suggest that over 90% of all root server queries are invalid, partly, of course, because valid queries are cached and queries have good locality of reference.
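
The effect described above can be checked against a resolver's own query log. The following is an added example, not part of the original page: it replays a constructed log through a 2-day referral cache and lists the queries that would still reach a root server. The TLD allow-list, the log entries and the function names are assumptions made for illustration, and failed lookups are treated as uncached, as in the blocked-reply case above.

```python
from collections import Counter

TLD_TTL = 2 * 24 * 3600  # the "2D" TTL on the com. NS records shown above

# Constructed allow-list; a real check would load the current IANA TLD list.
KNOWN_TLDS = {"com", "net", "org", "nz"}

# Constructed sample log: (seconds since start, queried name)
SAMPLE_LOG = [
    (0, "www.example.com."),
    (5, "mail.example.com."),
    (9, "printer.elvis."),
    (60, "fileserver.tla."),
    (3600, "www.example.net."),
    (7200, "printer.elvis."),
    (90000, "www.example.org."),
    (172900, "www.example.com."),
    (172905, "ftp.example.com."),
]


def tld_of(name):
    """Return the rightmost label of a DNS name, lower-cased."""
    return name.rstrip(".").lower().split(".")[-1]


def root_queries(log, known_tlds=KNOWN_TLDS, ttl=TLD_TTL):
    """Return (time, name, reason) for each query that reaches a root server."""
    expires = {}  # tld -> time at which the cached referral runs out
    sent = []
    for when, name in log:
        tld = tld_of(name)
        if tld not in known_tlds:
            # No referral exists to cache, so every such lookup goes to the root.
            sent.append((when, name, "invalid-tld"))
        elif expires.get(tld, -1) <= when:
            expires[tld] = when + ttl  # cache the TLD's name servers
            sent.append((when, name, "cache-miss"))
    return sent


def summarize(log):
    """Count root-bound queries by reason."""
    return dict(Counter(reason for _, _, reason in root_queries(log)))


if __name__ == "__main__":
    for when, name, reason in root_queries(SAMPLE_LOG):
        print(f"{when:>7}  {reason:<12} {name}")
    print(summarize(SAMPLE_LOG))
```

Names reported as invalid-tld are the ones to resolve locally or drop at the network edge so they never leave the private network.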


CategoryDns