DNS servers can be, and frequently are, set up in an anycast network. In doing so, an Internet service provider brings the service, under a single address, “closer” to you. This closeness is not geographic but network-wise.

It is often said there are 13 root DNS servers, called A – M. This isn’t actually true: there are 13 root server installations. Each of these consists of a multitude of hosts serving DNS data for a particular zone, in this case, the root DNS zone. (Map: the 13 root server installations.)

So, if my recursive name server speaks to, say, the F-root server, which is, quite appropriately, called f.root-servers.net, which machine in this installation am I actually speaking to? (Map: the current locations of the hosts in the F-root installation.)

Let’s check. I’m querying the F-root for its hostname, which it kindly makes available as a TXT record in the CHAOS class:

    dig +short @f.root-servers.net hostname.bind. ch txt

The F-root is operated by ISC. The domain name returned contains what they call a site code, and pao1b stands for Palo Alto, CA, USA. So, the closest F-root server to my location (remember: network-wise) is in California, USA – clear across the world from my location, geographically speaking. :-)

If you issue that same query, it is very likely you’ll get a completely different reply. Let me show you the same query, at the same time, from a geographically distinct location to which I’m connected via SSH:

    dig +short @f.root-servers.net hostname.bind. ch txt

While we won’t be operating nearly as many name servers, I’m doing the same on our anycast servers, in order to be able to actually pinpoint which server I’m talking to.
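What the `hostname.bind. ch txt` question looks like on the wire, and how the TXT answer identifying the node is decoded, as an added example that is not part of the original post. The node name `node-a.anycast.example`, the transaction ID and the reply bytes are constructed sample values, and the function names are this example's own.

```python
import struct

QTYPE_TXT, QCLASS_CH = 16, 3  # TXT record type, CHAOS class

def encode_name(name):
    """Length-prefixed labels terminated by a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name="hostname.bind.", txid=0x1234):
    """Question for <name> CH TXT; flags 0 = plain, non-recursive query."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE_TXT, QCLASS_CH)

def skip_name(msg, off):
    """Offset just past a name, which may end in a compression pointer."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:  # 2-byte pointer ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_txt_answers(msg, txid):
    """TXT strings in the answer section of a reply to our query."""
    rid, flags, qd, an = struct.unpack("!HHHH", msg[:8])
    if rid != txid or not flags & 0x8000:  # ID must match, QR bit must be set
        raise ValueError("not a response to our query")
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    texts = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata, off = msg[off + 10:off + 10 + rdlen], off + 10 + rdlen
        if (rtype, rclass) == (QTYPE_TXT, QCLASS_CH):
            i, parts = 0, []
            while i < len(rdata):  # RDATA = <length><bytes> character-strings
                parts.append(rdata[i + 1:i + 1 + rdata[i]])
                i += 1 + rdata[i]
            texts.append(b"".join(parts).decode("ascii", "replace"))
    return texts

def constructed_reply(query, text):
    """Constructed sample reply (not captured traffic) with one TXT answer."""
    header = query[:2] + struct.pack("!HHHHH", 0x8400, 1, 1, 0, 0)
    txt = bytes([len(text)]) + text.encode("ascii")
    rr = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_TXT, QCLASS_CH, 0, len(txt)) + txt
    return header + query[12:] + rr
```

Sending `build_query()` to an anycast address over UDP port 53 from two vantage points and comparing the parsed strings is the same check the post performs with dig.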

DNS and anycast :: 26 Feb 2011