FAQ

How many root operators are there?

Currently there are 12 root server operators, whose identities you can see at the top of www.root-servers.org home page.

How many root servers are there?

The number of root server instances changes (generally increases) over time. The current count of root server instances is shown just below the map on the home page.

Different operators deploy a different number of instances. You can see the per-operator instances, including their locations, by clicking on the letters at the bottom of the home page.

What's the difference between a Global and a Local instance?

In each operator's list of sites, some instances are marked as global (globe icon) and some are marked as local (flag icon). The difference is in how widely available that instance will be, because of how routing for that instance is done. Recall that the routes for an instance are announced by BGP, the inter-domain routing protocol.

For global instances, the route advertisement is permitted to spread throughout the Internet, i.e., any router on the Internet could know the path to that instance. Of course, for a particular source, the route to that instance may not be the optimal route, so some other instance could be chosen as the destination.

With a local instance, however, the route advertisement is limited to only nearby networks. For example, the instance may be visible to just one ISP, or to ISPs that connect at a particular exchange point. Sources from farther away will not be able to see and query that local instance.

All operators provide service to the entire Internet through at least one global instance. Some operators may also choose to deploy local instances, depending on their own needs and requirements, and those of their provider partners.

Refer to RFC 4786 (section 4.4.6 in particular) for further details.

How can I contact the root server operators?

You may contact individual operators by finding their published email addresses linked off the home page. Find the Root Servers section and click on the individual letters. Then look on the right side of the page for a blue "Contact Email" or "Homepage" link. You may contact the root server operators collectively by writing to info@root-servers.org.

Can I get a root server for my network?

If you believe that your area of the Internet is underserved with respect to root zone service, you may inquire with individual operators about locating an instance nearby. Root server instances are generally located at data centers and exchange points. Different operators will have different requirements for providing instances at remote locations. Below are some links to pages of operators that offer hosted instances:

• ICANN: FAQ hosting IMRS
• ISC: Hosting an F Root node
• Netnod: Hosting an I-root Node
• RIPE NCC: Hosting an instance of K-root
• Verisign: Improve Performance With Verisign Regional Internet Resolution Service

Which root servers provide zone transfer service of the root zone?

• b.root-servers.net
• c.root-servers.net
• d.root-servers.net
• f.root-servers.net
• g.root-servers.net
• k.root-servers.net

Can the root server operators block or filter traffic from certain countries or networks? Or can the root server operators block certain top-level domain names?

The root server operators are committed to providing service to all users, all networks, and all top-level domains equally. Such commitments are backed by a number of published policy documents and protocol specifications:

• RFC 7720: The root name service ... MUST answer queries from any entity conforming to [RFC1122] with a valid IP address.
• RSSAC055: The RSS must be a stable, reliable, and resilient platform for the DNS service to all users.
• RSSAC055: [RSOs] must be committed to sending and responding to traffic without filtering, to serving the IANA global root DNS namespace, and to avoiding conflicts of interest and reciprocal agreements.
• RSSAC055: RSOs must be neutral and impartial. An RSO is neutral to the politics of geographic regions and nation states when delivering the DNS root service. The RSO's focus is on provisioning a reliable technical service which knows no political boundaries and maintains an unbiased position to the politics of any nation state. RSOs must offer DNS service without bias, on the same terms, to users everywhere.
• RSSAC020: ... operators of the root servers are committed to serving the IANA global root DNS namespace. All root servers operated by these operators provide DNS answers containing complete and unmodified DNS data.

Correspondence to root server operators containing requests to block certain countries, networks, or top-level domains may be politely declined or ignored.

Are there any conditions under which a root server would not respond to queries?

The root servers respond to all technically valid queries, with the following exceptions:

• When valid queries are used as a form of attack to degrade or deny service. Root servers may limit or prevent responses to queries used in attacks or that otherwise cause a degradation of service to others. This is done only to protect the root service itself or to protect third parties targeted in reflection attacks.
• Queries whose source address comes from an IPv4 or IPv6 special-purpose address block. These addresses are sometimes informally known as bogons, which includes the widely known RFC 1918 private address space.