| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
DNS Root Name Servers (Page 2 of 3) Ensuring Access to the Root Name Servers Clearly, the root name servers are extremely important to the functioning of the DNS system as a whole. If anything were to ever happen to cause the root name servers to stop operating, the entire DNS system would essentially shut down. For this reason, there obviously isn't just one root server, nor are there two or three; there are (at present) thirteen different root name servers. In fact, there are actually far more than thirteen physical servers. Most of the thirteen name servers are implemented as clusters of several independent physical hardware servers. Some are in fact distributed collections of servers that are in different physical locations. The best example is the F root server, which has been implemented as a set of over a dozen mirrors in various places around the world, to provide better service. The principles of redundancy that I mentioned are a good idea for choosing a secondary name server for a regular domain, obviously apply that much more to the root. This is why the various physical devices that comprise the thirteen root servers are all located in different places all around the globe. Many of them are in the United States, but even these are in many locations throughout the country (albeit concentrated in a couple of hot spots in California and near Washington, DC) and are set up to use different networks to connect to the Internet. The root name servers are of course rather powerful; despite there being several dozen pieces of hardware to spread the load, they must each handle large amounts of data, 24 hours a day. They are run by networking professionals who ensure that they function efficiently. An Internet standard, RFC 2870 (Root Name Server Operational Requirements), spells out the basic rules and practices for the operation of these name servers. It specifies extensive procedures for ensuring the security of the servers, and for avoiding performance problems due to their pivotal role. Despite all the efforts taken to ensure that the root servers are widely distributed and secure, they still collectively represent a point of weakness in the global Internet. Millions and millions of people depend on these servers. There have been incidents in the past where rogue elements on the Internet have attempted to disrupt DNS by attacking the root name servers. One widely-publicized incident was a denial of service (DoS) attack against the root servers on October 21, 2002. The attack failed, but it significantly raised awareness of the importance of these servers and how essential DNS security is.
Home - Table Of Contents - Contact Us The TCP/IP Guide (http://www.TCPIPGuide.com) Version 3.0 - Version Date: September 20, 2005 © Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved. Not responsible for any loss resulting from the use of this site. |