How F-Root Server works?

Jim Reid jim at rfc1035.com
Fri Apr 9 18:30:03 UTC 2004


>>>>> "Daniel" == Daniel Sadoc <sadoc at rio.com.br> writes:

    Daniel> Is the F-ROOT SERVER a set of machines, all of them
    Daniel> responding to the same IP?

It's a set of machines all responding to the same IP address. 

    Daniel> How is the nearest F-ROOT SERVER chosen?

The same way as the nearest route to any other network on the internet
is chosen: by the routing protocols. They apply various metrics -- hop
count, AS number(s), BGP policies, etc -- to decide which instance of
F is closest.

    Daniel> gru1b.f.root-servers.org has the IP 192.228.80.6 while
    Daniel> pao1d.f.root-servers.org has the IP 204.152.184.251.

    Daniel> If the machines above are in different countries, how do
    Daniel> they respond to queries for the IP of F.ROOT-SERVERS.NET,
    Daniel> which is 192.5.5.241?

The technique is known as anycasting. It's documented in RFC3258
"Distributing Authoritative Name Servers via Shared Unicast
Addresses".

In simple terms, the routers at each of these locations announce a
route for 192.5.5/24. This gets propagated to all the other routers.
The fact there are different paths to this network doesn't matter. Even
when the networks are in different locations. The routing protocols
automatically take care of this.

It's quite common for networks to have multiple connections to the
internet. For example a global company might connect to the internet
in Asia, Europe and North America. From an internet perspective this
might make the company's network appear close to the main internet
exchanges in all of these continents. So traffic between the company's
net and the internet in Asia would mostly go via the company's
connection in Asia. And so on.

One of the wonderful things about anycasting is the extra robustness
it brings. Suppose the instance of F in Brazil (say) dies. A route to
192.5.5/24 is no longer announced from the internet exchange(s) in
Brazil. For a normal, unicast, address this would mean the network had
fallen off the internet. [Because that's what would have happened. :-)]
But routes to 192.5.5/24 are still being announced from all the other
locations where an instance of F is found. Brazil's routers detect the
local route to 192.5.5/24 has gone away and pick up the next closest.
Brazil's DNS queries to F now go there instead of the server in Sao
Paulo. They'll automatically go back to Sao Paulo when that node comes
back up and the route gets re-announced from there. Likewise, a DDoS
attack against F in Brazil will probably only affect the server in Sao
Paulo. The other instances of F should be unaffected because the
routers in Brazil know that they should send packets for 192.5.5.241
to the closest node: Sao Paulo.

A few of the root servers are doing anycasting. Some TLD name servers
do this too. Eventually everybody who has important DNS data will do
this. Though they'll most likely buy a DNS hosting service that
provides anycasting. There are a couple of commercial offerings for
anycast DNS hosting today.
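
The catchment, failover and attack-containment behaviour described in the message above can be modelled in a few lines. This is an added example, not part of the original message: the AS names and adjacency are constructed, and route selection is reduced to shortest hop count, which is an assumption.

```python
from collections import deque

PREFIX = "192.5.5.0/24"  # the shared F-root prefix from the message above

# Constructed AS adjacency for illustration only (not real internet topology).
LINKS = {
    "BR-ISP": ["BR-IX", "TRANSIT"],
    "BR-IX": ["BR-ISP", "F-SaoPaulo"],
    "TRANSIT": ["BR-ISP", "OTHER-IX", "EU-ISP"],
    "OTHER-IX": ["TRANSIT", "F-Other"],
    "EU-ISP": ["TRANSIT"],
    "F-SaoPaulo": ["BR-IX"],
    "F-Other": ["OTHER-IX"],
}

def hops_from(site, links):
    """BFS hop count from one announcing site to every reachable AS."""
    dist = {site: 0}
    queue = deque([site])
    while queue:
        node = queue.popleft()
        for peer in links[node]:
            if peer not in dist:
                dist[peer] = dist[node] + 1
                queue.append(peer)
    return dist

def catchment(announcing, links=LINKS):
    """Map each AS to the F instance its best route for PREFIX leads to."""
    best = {}
    for site in sorted(announcing):  # sorted so ties resolve deterministically
        for asn, d in hops_from(site, links).items():
            if asn not in best or d < best[asn][0]:
                best[asn] = (d, site)
    return {asn: site for asn, (_, site) in best.items()}

def sinks(sources, announcing, links=LINKS):
    """Instances that receive traffic sent to PREFIX by the given source ASes."""
    table = catchment(announcing, links)
    return {table[src] for src in sources}

if __name__ == "__main__":
    both = {"F-SaoPaulo", "F-Other"}
    print(PREFIX, "all sites up:", catchment(both))
    print("flood from Brazil lands on:", sinks(["BR-ISP", "BR-IX"], both))
    print("Sao Paulo withdrawn:", catchment({"F-Other"}))
```

Real BGP best-path selection applies local preference and operator policy before path length, so measured catchments can differ from what hop count alone predicts.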

