The DNS is fundamentally four things:
- a shared name space;
- the servers (name servers) that implement the name space;
- the resolvers (intermediate caching servers) and end systems that send questions (queries) about the name space to the name servers; and
- a protocol that offers interoperable resolution security and defines message delivery.
The root zone defines the apex of the shared name space and the root nameservers are where this name space apex is instantiated for the users of this namespace—i.e., the Internet as we know it.
The billions of computers that form the Internet of today would have to send all of their queries to these root name servers without two other architectural features of the DNS. The first is that it is designed to be hierarchical—parts of the name space can be and are distributed and delegated to other authoritative name servers in the Internet. This DNS feature allows for and has enabled the massive growth and scalability of the Internet in the past 20 years. The second is the use of DNS resolvers that cache responses from authoritative servers as a result of queries sent to them from their client end systems.
The DNS name space is implemented as a hierarchical distributed database, divided for management purposes into pieces, called zones. Each zone is served by one or more name servers, which are synchronized to contain identical sets of data. The zones are hierarchically organized into a structure that is usually represented graphically as an inverted “tree”, and the zones contain DNS information belonging to the corresponding name domains in the tree. The root zone constitutes the top of the inverted tree (level 0). Its name is, strictly speaking, an empty string (not “root”), but it is usually denoted with a single “.” (period or “dot”).
The DNS data in a zone are usually stored in a file—a zone file. The servers serving the same file synchronize by sending the contents of the zone file from the master server to slave server(s). This is known as a zone transfer. Masters and slaves are considered equal from a DNS “quality” or “authority” standpoint; the term master simply distinguishes the server at which changes to the zone in question are entered.
The root name servers
The root name servers (or simply root servers) are DNS name servers that carry and serve data from the root zone. There are 13 publicly accessible well-known IPv4 addresses (representing hundreds of individual machines) on the Internet from which such service can be obtained. The servers are denoted by the letters A through M, and carry DNS hostnames of the form <letter>.root-servers.net (for example, a.root-servers.net). Some of them also provide service at IPv6 addresses.
The home locations of some of the root servers were originally determined by analysis of network traffic flows and loads, seeking to have at least one server “close” in terms of message communication time to every location on the network. It is important to have root servers distributed so that they provide a sufficient level of service to all users across the network.
Considerations of this type are both complex and important, and have, as the Internet evolved, become increasingly so. Over time, these original locations have become less satisfactory, which has been one of the reasons for the proliferation by some operators of satellite sites at different locations. These satellite sites use a method called anycast, which enables servers with the same IP address to be located at different points on the Internet. Instances of a root server might therefore be placed at multiple locations around the world. The widespread distribution of anycast instances of the root servers has improved the level of service provided to many previously less well served locations.
Throughout the global Internet, systems that need to discover the binding between a domain name and an IP address employ DNS resolvers to send queries (“where is the resource with the domain name mangelwurzel.example.org?”) to name servers and receive the responses (“it’s at the IP address 192.168. 8.3”). The queries and responses are defined by the DNS protocol, and are usually carried across the Internet in User Datagram Protocol (UDP) packets (although under certain circumstances the queries and/or responses may be carried over Transmission Control Protocol (TCP) connections).
Internet end systems send queries to a DNS resolver. The end system is configured with the IP address of the DNS resolver. The configuration is either static or dynamic (using for example DHCP). The DNS resolver is configured with the IP addresses of the root servers. At startup time, it sends a so called “priming query” to those IP addresses to find out the current set of root servers. After this priming of the cache in the DNS resolver, the DNS resolver is ready to respond to queries from end systems. The DNS resolver when getting a query first looks in its cache, and if the response is not there, it queries the authoritative servers in the world, starting with the root name servers, and places all responses in its cache, caching the responses according to so-called “time to live” information defined by the authoritative servers. In some cases the DNS resolver is configured to not send queries to the authoritative servers, but instead to some other DNS resolver, in which case this second DNS resolver views the first as an end system.
It is these DNS resolvers—also called forwarding servers, caching name servers, or Iterative Mode Resolvers (IMRs)—that send most of the queries from the Internet to the root servers.
These systems are the “consumers” of the data in the root zone. As virtually anyone on the Internet can create a DNS resolver at any time, there is no way to precisely determine how many DNS resolvers are “out there,” where they are, what software they are running, or other details of their configuration.