-->

Senin, 16 April 2018

The DNS root zone is the top-level DNS zone in the hierarchical namespace of the Domain Name System (DNS) of the Internet.

Since 2016, the root zone has been overseen by the Internet Corporation for Assigned Names and Numbers (ICANN) which delegate the management to a subsidiary acting as the Internet Assigned Numbers Authority (IANA). Distribution services are provided by Verisign. Prior to this, ICANN performed management responsibility under oversight of the National Telecommunications and Information Administration (NTIA), an agency of the United States Department of Commerce.

A combination of limits in the DNS definition and in certain protocols, namely the practical size of unfragmented User Datagram Protocol (UDP) packets, resulted in a practical maximum of 13 root name server addresses that can be accommodated in DNS name query responses. However the root zone is serviced by several hundred servers at over 130 locations in many countries.

Initialization of DNS service




DNS Root Hints - Domain Name System in Hindi - This Video by Jagvinder Thind in Hindi Explains about Root Hints and Shows How to Configure DNS Root Hints in Windows Server 2012 in Hindi.

The DNS root zone is served by thirteen root server clusters which are authoritative for queries to the top-level domains of the Internet. Thus, every name resolution either starts with a query to a root server or uses information that was once obtained from a root server.

The root servers clusters have the official names a.root-servers.net to m.root-servers.net. To resolve these names into addresses, a DNS resolver must first find an authoritative server for the net zone. To avoid this circular dependency, the address of at least one root server must be known for bootstrapping access to the DNS. For this purpose operating systems or DNS server or resolver software packages typically include a file with all addresses of the DNS root servers. Even if the IP addresses of some root servers change, at least one is needed to retrieve the current list of all name servers. This address file is called named.cache in the BIND name server reference implementation. The current official version is distributed by ICANN's InterNIC.

With the address of a single functioning root server, all other DNS information may be discovered recursively, and information about any domain name may be found.

Redundancy and diversity


Chapter 10. introduction to DNS
Chapter 10. introduction to DNS. Source : linux-training.be

The root DNS servers are essential to the function of the Internet, as most Internet services, such as the World Wide Web and electronic-mail, are based on domain names. The DNS servers are potential points of failure for the entire Internet. For this reason, multiple root servers are distributed worldwide. The DNS packet size of 512 octets limits a DNS response to thirteen addresses, until protocol extensions (EDNS) lifted this restriction. While it is possible to fit more entries into a packet of this size when using label compression, thirteen was chosen as a reliable limit. Since the introduction of IPv6, the successor Internet Protocol to IPv4, previous practices are being modified and extra space is filled with IPv6 name servers.

The root name servers are hosted in multiple secure sites with high-bandwidth access to accommodate the traffic load. At first, all of these installations were located in the United States; however, the distribution has shifted and this is no longer the case. Usually each DNS server installation at a given site is a cluster of computers with load-balancing routers. A comprehensive list of servers, their locations and properties is available at http://root-servers.org. As of January 2016, there were 517 root servers worldwide.

The modern trend is to use anycast addressing and routing to provide resilience and load balancing across a wide geographic area. For example, the j.root-servers.net server, maintained by VeriSign, is represented by 104 (as of January 2016) individual server systems located around the world, which can be queried using anycast addressing.

Management


Root name server - Wikipedia
Root name server - Wikipedia. Source : en.wikipedia.org

The content of the Internet root zone file is coordinated by a subsidiary of ICANN which performs the Internet Assigned Numbers Authority (IANA) functions. VeriSign generates and distributes the zone file to the various root server operators.

In 1997, when the Internet was transferred from U.S. government control to private hands, NTIA has exercised stewardship over the root zone. A 1998 Commerce Department document stated the agency was "committed to a transition that will allow the private sector to take leadership for DNS management" by the year 2000, however, no steps to make the transition happen were taken. In March 2014, NTIA announced it will transition its stewardship to a "global stakeholder community".

According to Assistant Secretary of Commerce for Communications and Information, Lawrence E. Strickling, March 2014 was the right time to start a transition of the role to the global Internet community. The move came after pressure in the fallout of revelations that the United States and its allies had engaged in surveillance. The chairman of the board of ICANN denied the two were connected, however, and said the transition process had been ongoing for a long time. ICANN president Fadi Chehadé called the move historic and said that ICANN will move toward multi-stakesholder control. Various prominent figures in Internet history, not affiliated with ICANN, also applauded the move.

NTIA's announcement did not immediately affect how ICANN performs its role. On March 11, 2016 NTIA announced that it had received a proposed plan to transition its stewardship role over the root zone, and would review it in the next 90 days..

The proposal was adopted, and ICANN's renewed contract to perform the IANA function lapsed on September 30, 2016, resulting in the transition of oversight responsibility to the global stakeholder community represented within ICANN's governance structures. As a component of the transition plan, it created a new subsidiary called Public Technical Identifiers (PTI) to perform the IANA functions which include managing the DNS root zone.

Signing of the root zone


Example: Setting up a Static Website Using a Custom Domain ...
Example: Setting up a Static Website Using a Custom Domain .... Source : docs.aws.amazon.com

Since July 2010, the root zone has been signed with a DNSSEC signature, providing a single trust anchor for the Domain Name System that can in turn be used to provide a trust anchor for other public key infrastructure (PKI). The root zone is re-signed periodically with the root zone key signing key performed in a verifiable manner in front of witnesses in a key signing ceremony.

See also


Iana | Domain Name | I Pv6
Iana | Domain Name | I Pv6. Source : es.scribd.com

  • Alternative DNS root
  • AS112
  • Internet backbone

References


Anonymous attacks against the DNS Root Servers. What's true and ...
Anonymous attacks against the DNS Root Servers. What's true and .... Source : blog.isc2.org

  • RFC 2870 â€" Root Name Server Operational Requirements
  • RFC 2826 â€" IAB Technical Comment on the Unique DNS Root

Further reading


Windows - A Delegation For This DNS Server Cannot Be Created ...
Windows - A Delegation For This DNS Server Cannot Be Created .... Source : www.petenetlive.com

  • "NTIA announces intent to transition key internet domain name functions". Office of Public Affairs. National Telecommunications and Information Administration. 14 March 2014. Retrieved 15 March 2014. 

External links


Chapter 10. introduction to DNS
Chapter 10. introduction to DNS. Source : linux-training.be

  • root-servers.org
  • IANA's Authoritative Database of TLDs on the DNS Root Zone
  • CircleID.com, on DNS Root Servers
  • CAIDA.org, paper on root server location problem
  • CirlceID.com, More root server instances outside the U.S. than inside

DNS Server â€
DNS Server â€" Learning IT. Source : gitlearning.wordpress.com

 
Sponsored Links