Overview
A root name server (also root server) is a DNS server that answers requests for the DNS root zone, and redirects requests for a particular top-level domain (TLD) to that TLD's name servers. Although any local implementation of DNS can implement its own private root name servers, the term "root name server" is generally used to describe the thirteen well-known root name servers that implement the root namespace domain for the Internet's official global implementation of the Domain Name System. The current 13 root name servers are specified in Table 1.
Two of the root servers are currently run by the U.S. private-sector corporation VeriSign; the rest are operated by other organizations around the world as a service to the Internet community.
All domain names on the Internet can be regarded as ending in a full stop character (e.g., "www.example.com."). This final dot is generally implied rather than explicit, as modern DNS software does not actually require that the final dot be included when attempting to translate a domain name to an IP address. The empty string after the final dot is called the root domain, and all other domains (.com, .org, .net, and so on) are contained within the root domain.
When a computer on the Internet wants to resolve a domain name, it works from right to left, asking each name server in turn about the element to its left. The root name servers (which have responsibility for the . domain) know which servers are responsible for the top-level domains. Each top-level domain (such as .com) has its own set of servers, which in turn delegate to the name servers responsible for individual domain names (such as example.com), which in turn answer queries for IP addresses of subdomains or hosts (such as www).
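The implied final dot and the right-to-left walk described above can be traced in a small model; this is an added example, not part of the original page. The zone data, server names and address are constructed, and the model follows the page's simplified description in which each server is asked about one label (real resolvers send the full name and follow the referral they get back).

```python
# Constructed delegation data (illustrative names; 192.0.2.0/24 is documentation space).
# Each zone lists the labels it knows: "NS" is a referral to a child zone,
# "A" is a final address answer.
ZONES = {
    ".": {"server": "root-server.example",
          "records": {"com": ("NS", "com.")}},
    "com.": {"server": "tld-server.example",
             "records": {"example": ("NS", "example.com.")}},
    "example.com.": {"server": "ns.example.com",
                     "records": {"www": ("A", "192.0.2.10")}},
}


def normalize(name):
    """Lower-case the name and make the implied final dot explicit."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


def resolve(name):
    """Walk the delegation chain from the root zone, right to left.

    Returns (address or None, trail), where trail is the list of
    (server asked, label asked about) in query order.
    """
    labels = [part for part in normalize(name).split(".") if part]
    zone, trail = ".", []
    for depth, label in enumerate(reversed(labels), start=1):
        entry = ZONES[zone]
        trail.append((entry["server"], label))
        kind, value = entry["records"].get(label, (None, None))
        if kind == "NS":
            zone = value              # referral: next label goes to the child zone
        elif kind == "A" and depth == len(labels):
            return value, trail       # leftmost label answered with an address
        else:
            return None, trail        # this server has no data for the label
    return None, trail                # delegation found, but no address record


if __name__ == "__main__":
    address, trail = resolve("www.example.com")
    for server, label in trail:
        print(f"asked {server} about '{label}'")
    print("answer:", address)
```
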
ICANN does not fund the operation of the root servers. Instead, they are supported by the efforts of individual administrators and their sponsoring organizations.
Security
Although the DNS is designed to provide redundancy in case of accidental failure, it has some vulnerability to an intentional physical attack that might target all name servers simultaneously. Although Internet operations would not halt instantly, an increasing number of sites would, over a period of time measured in hours to days, become inaccessible without root name servers to provide authoritative translation information. However, recovery from such an attack would be unlikely to take more than several days — damaged servers can be replaced, since they are general-purpose computers that are in common use.
Source
- "Security" section: Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, at 17.
This page uses Creative Commons Licensed content from Wikipedia.