Read ICANN Blogs to stay informed of the latest policymaking activities, regional events, and more.

L-Root in your Pocket

13 March 2012
By Joe Abley

OK, so not quite in your pocket. But near your pocket.

ICANN operates L-Root, one of the 13 Domain Name System root servers which together make up the infrastructure known as the Root Server System. The Root Servers serve the root zone of the DNS, maintained by ICANN staff in the IANA department. The Root Zone provides signposts for familiar Top Level Domains like CA, NZ, UK, NET and ORG, which in turn provide signposts to sub-domains, and hence DNS servers all over the world can find their way to providing their users with answers. If you can’t reach a Root Server, then the rest of the DNS (given time) will become unavailable. It follows that reliable access to a Root Server is pretty important.

At ICANN, we have spent quite a bit of time looking at how we can make Root Server service more reliable for end users in remote and underserved locations. We’ve seen ISPs cut off from all Root Servers due to under-sea cable cuts and satellite transmission failures; we’ve also seen routing errors several networks away cause performance to Root Servers to be sporadic and unreliable. Like every other service on the Internet we also occasionally see big spikes of traffic and that traffic has the potential to make networks between a user and a Root Server congested. No matter how much computing power is installed in regional Root Server clusters, there’s always the chance that a Root Server is difficult to reach from somewhere.

Our conclusion is that a model to make Root Servers, and L-Root especially, more accessible to everybody is to move closer to end users, no matter where the end users happen to be. Fortunately, there’s a good, simple and effective mechanism to make this happen, and it’s called anycast [PDF, 125 KB].

Anycast allows us to install many instances of the L-Root service in underserved areas, so that any particular DNS client that needs to send a request can get an answer locally. If the local instance disappears (perhaps there’s a power cut, or a network problem between you) then your traffic should automatically re-route elsewhere.

How close is the closest L-Root server to you? It’s not that hard to find out. From the Windows command window you can type “tracert L.ROOT-SERVERS.NET”, and from the Macintosh Terminal or a shell on a Unix or Linux computer, “traceroute L.ROOT-SERVERS.NET”. The resulting output will show you the addresses (and, in many cases, DNS names) of the routers between you and L-Root.

For a more geographic perspective, you can take a look at where L-Root is deployed in the world and also where other Root Servers can be found, since we’re certainly not the only Root Server Operator doing this.

ICANN is continuing to identify geographic locations that may be underserved by the Root Server System. Together with network service providers and carriers, we are helping to make the Root Server System more reliable and accessible for users of the Internet, improving the security and stability of the DNS.


Joe Abley