CNN.com - FBI seeks to trace massive Net attack - Oct. 23, 2002
Although most people didn't notice... a bunch of root servers went down the other day...
Okay, so nobody got their roots for a while - leave a smaller tip.
No, it's not that kind of server and not those kind of roots.
DNS (Domain Name System) is what your computer uses when you want to send an email, upload a file, view a web page or just about anything else... For humans, it's easier to use a name (like www.bluewolfspirit.com) rather than an IP address (like 209.126.140.105). For computers, it's easier to use an IP address rather than a name. The DNS Service, DNS Servers and DNS Resolvers convert names to IP addresses so you can use a program to transmit data, request web pages, send email and your computer can easily comply with your instructions.
When your computer attempts to resolve a name to an IP address, it first looks in its local cache (answers recently received) for the answer. If it's not there, your computer will ask the DNS server of your ISP "what's the ip address of 'www.whereiwanttogo.com'?" Your ISP's DNS server will look in its list of recent answers and send the answer to your computer if it's in the cache. If not, your ISP's DNS server will start asking around to find out.
If your request was for support.microsoft.com, the DNS server will look for that in its cache. What most people don't know is that a "fully" qualified domain name (FQDN) actually ends with a period. The period is the root. The root servers tell other DNS servers where to find the TLDs (top level domains). So the real URL is "http://support.microsoft.com." for those who like to be exact. If the ISP's DNS server knows the DNS server for support.microsoft.com., it'll ask that DNS server "what's the IP addy for support.microsoft.com.?" If it doesn't know the DNS server for support.microsoft.com., it will attempt to find the DNS server for microsoft.com. If it can't find that, it'll try to find the DNS server for com. (the top level domain). If it can't find the DNS server for com., it'll go to the DNS server for "." (the root). There are 13 of those servers located throughout the world. They point to the DNS servers for com., edu., uk., and all the other top level domains.
You would think those servers would be very busy, but they're not (which is why a lot of people didn't notice when they went down). This is because DNS servers store recent information. If your ISP's DNS server has been up for a while (not recently rebooted), it will have quite a large store of cached information. Most likely, it already knows the IP addy of the DNS servers for "com." and can ask that DNS server "where is microsoft.com.'s DNS server?"
One of the instances where you would use a root server is for a mistyped URL. Try to go to "http://www.doesnotexist.con" Since the top level domain "con." doesn't exist, your ISP's DNS server would have to ask the root servers for the DNS server for the "con." domain. The root servers give a definitive "it doesn't exist" answer and you get an error on your screen. If the root servers didn't give a definitive answer, your software would hang while your computer tries to get an address that doesn't exist. [Note: if some other dork from your ISP also typed "somedomain.con", the negative entry would be given out of the cache...quickly]
Another use of the root servers is for top level domains that aren't used much. Many countries have a "country code" to use for a top level domain. Some country codes aren't used much (when was the last time you went to a URL like http://www.tskl.net.ki? It's for Kiribati.)
Anyway... I just wanted to let you know that the gears of the Internet squeeked a bit the other day. Nothing to worry about. There are backups (the other servers picked up the slack - the reason behind 13 servers distributed globally). Everything is fine. Just a little info...
Posted by BlueWolf on October 24, 2002 09:04 PM