What is DNS? Why are there only 13 DNS root servers? Is it really that difficult to give one to China?

The Domain Name System is one of the most important Internet services, without it we would not be able to access online content or even send emails. Whenever we try to connect to another website or online service, the root DNS servers help our computers find and reach the address we want.

DNS root servers are integral to all DNS and therefore the Internet, but not a lot of information is available about them. Today we will learn what root servers are, what they do, and how many root servers there are actually.

What are DNS root servers?

Root servers or DNS Root servers are the name servers responsible for the functioning of DNS and the entire Internet. They are the first step in determining the name of any domain name. DNS converts domain names into IP addresses.

The root zone is a global list of top-level domains. It includes generic top-level domains (.com, .net, .org), country code top-level domains (.no, .se, .uk), and internationalized top-level domains, which are ccTLDs written in local characters of various countries. The root zone comes from the Internet Assigned Numbers Authority (IANA), which is part of the Internet Corporation for Assigned Names and Numbers (ICANN).

The mapping of domain names to IP addresses is done in a hierarchical order using DNS zones, with the root servers serving the root zone, which sits at the top of the hierarchy and publishes the root zone file, which in turn contains resource records for all TLD authoritative servers. So, they can work in two ways:

• Respond directly to a request for this resource record in the root zone
• Forwards the request to the appropriate name server for the requested TLD

Although they are not directly involved in name resolution in the latter case, root servers lie at the root of the entire Internet infrastructure, and without them, much of the web as we know and use it today would be unusable.

How do root servers work?

How the root servers work depends on the name resolution process:

When you type www.wljslmz.com into your web browser, it will first go to your ISP's DNS server or other DNS servers you have configured. Sometimes, these DNS servers cache the domain information, in which case it will just answer the information and let you access the website.

However, if this information is not stored, the DNS server sends a request to the master servers. The root servers do not have information about the specific IP address of www.wljslmz.com, but they know the location of the name servers that serve that TLD (.com).

The root servers return a list of TLD servers so that the provider or configured server can resend the request, this time to the TLD servers.

The TLD server then returns the authoritative name server that stores the desired domain.

This is the case when the requesting server sends a request to the authoritative server where the domain resides.

Once the request reaches the authorization server, it replies to the requesting server with the IP address of www.wljslmz.com.

When the request server gets this information, it saves it for future requests and sends the response back to your converter, which sends it to your web browser and allows you to access the desired website.

How many root DNS servers are there?

Everyone knows this, there are 13 in total.

Why are there only 13 root servers?

This is due to the limitations of the local DNS infrastructure, which uses 32-byte IPv4. An IP address must correspond to one data packet, and the data packet was limited to 512 bytes at the time, so each IPv4 address is 32 bits, of which 13 bits are 416 bytes, and the remaining 96 bytes are protocol information.

Initially, each of the 13 IP addresses had a server, today we have a cluster of servers per IP address, using broadcast routing to create a network of hundreds of servers around the world.

This helps balance decentralization and ensures reliability, even if one of the root servers is down due to a DDoS attack or other type of DNS attack.

However, due to the small packet size limitations of IPv6, it is almost certain that more root DNS servers will appear in the future.

Where are the root DNS servers located?

DNS situation in China

Why can't one of the 13 DNS root servers be allocated to China?

I believe there is no need to answer this question. It is impossible. It is not a political issue, but a technical issue. It has exceeded the scope and capabilities of the protocol. It is impossible for the organization that already has the root DNS to give it to China.

In China, there are 26 root domain name server nodes:

• Beijing I, L, J, K, F
• Hong Kong Special Administrative Region A, I, H, F, F, E, J
• Taipei City I, E, F, F, K, L
• Macao Special Administrative Region E, F
• Shanghai
• Hangzhou City
• Zhengzhou City
• Wuhan City
• Xining City
• Guiyang City K

Free public DNS server IP addresses (commonly used parts)

114 DNS

 First choice: 114 .114 .114 .114
 Alternative: 114 .114 .115 .115

AliDNS Ali Public DNS

 First choice : 223.5.5.5
 Spare : 223.6.6.6 ​

Baidu DNS

 IPv4 address : 180.76.76.76 ​
 IPv6 address: 2400 : da00 :: 6666

Public DNS+

 First choice: 119 .29 .29 .29
 Spare : 119.28.28.28 ​
 - Reserve: 182 .254 .118 .118
 - Reserve: 182 .254 .116 .116

CNNIC sDNS

 Preferred: 1 .2 .4 .8
 Spare : 210.2.4.8 ​

Tsinghua University DNS Server

 2001 : da8 : 200 : ffff :: 28

Shanghai Jiaotong University DNS Server

 2001 : da8 : 8000 : 1 : 202 : 120 : 2 : 101

Beijing University of Posts and Telecommunications DNS Server

 2001 : da8 : 202 : 10 :: 36
 or
 2001 : da8 : 202 : 10 :: 37

Wait, there are many more. I will organize a complete list for you when I have the chance.

Does China still have a chance in the DNS root field?

We all know that if the Internet is controlled by other countries, the security will be greatly affected. We have missed 13 root servers. Do we have to "live under someone else's roof" forever?

Of course not!

Although we cannot have a root DNS server in the IPv4 field, we already have a place in the root DNS server of IPv6. With the country's support for IPv6, China has achieved amazing speed in the construction of IPv6 network!

Among the subsequent ipv6 root DNS servers, China has 4 servers, one of which is the main root and the other three are auxiliary roots!!!

Summarize

DNS is responsible for almost everything related to the Internet, and the root DNS servers are the backbone of the Internet.

I hope that through this article, everyone can understand the 13 DNS root servers.

DNS remains one of the most overlooked parts of enterprise infrastructure when it comes to security, which is why it is so important to perform frequent DNS audits.

Only by paying attention to the essence of technology can we establish ourselves as a technology company!!!