I was reading about DNS some days ago and learned how the requests are processed.
If you surf to www.example.com, then a request will go to the Root Name Servers to see who owns that .com address, then another request will go to another, more local, DNS server to see who owns the example.com address and so on.
How is it technically possible that the 13 Root Name Servers can handle all requests done by earth’s billions of Internet users simultaneosly without beeing ddos:ed?
They’re 13 highly available clusters of servers, not simply 13 servers.
Among other things, root nameserver operators are required to have enough capacity to handle three times their normal traffic load (RFC 2870). This leads to rather large clusters.
However, the root nameservers only serve responses for the top level domains themselves, i.e.
ae., etc., and the nameservers which query the root can cache this information up to 48 hours, which dramatically reduces the load at the root nameservers. This leads to smaller clusters.
The root nameservers are in over 130 physical locations in 53 countries; with only 13 server names, this is done through the magic of IPv4 anycast.
The root nameservers also have their own web site, which you may find interesting reading.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.