Reason for Limited number of Root DNS Servers

Mark Andrews marka at isc.org
Fri Nov 11 20:23:42 UTC 2011


In message <002b01cca054$9be42920$d3ac7b60$@nic.in>, Gaurav Kansal writes:
> Thanks a lot Mark.
> But I don't understand the calculation part.
> Is there any source available from which I can get detailed information
> regarding the same?

The DNS protocol is defined in RFC 1034 and RFC 1035.  This all comes
from a basic analysis of how the data is packed into a DNS packet.
 
> Thanks and Regards,
> Gaurav Kansal
> 9910118448
> 
> 
> 
> -----Original Message-----
> From: Mark Andrews [mailto:marka at isc.org] 
> Sent: Friday, 11 November, 2011 12:14 PM
> To: Gaurav Kansal
> Cc: bind-users at isc.org
> Subject: Re: Reason for Limited number of Root DNS Servers
> 
> 
> In message <004c01cca034$259d4870$70d7d950$@nic.in>, Gaurav Kansal writes:
> > 
> > Dear All,
> > 
> >  
> > 
> > Somewhere I read that the number of ROOT DNS servers is limited to 13 
> > because of protocol limitations of DNS and UDP.
> > 
> > Exact writing was  "A combination of limits in the DNS and certain 
> > protocols, namely the practical size of unfragmented User Datagram 
> > Protocol
> > (UDP) packets, resulted in a limited number of root server addresses 
> > that can be accommodated in DNS name query responses. This limit has 
> > determined the number of name server installations at (currently) 13 
> > clusters, serving the needs of the entire public Internet worldwide."
> > 
> > As the root DNS servers are running in anycast, the number is not an issue at all. 
> > But I don't understand where exactly this limitation exists.
> > 
> > Could someone please elaborate on this?
> > 
> > Thanks and Regards,
> > 
> > Gaurav Kansal
> > 
> > 9910118448
> 
> 	Actually, despite the words above, it has *nothing* to do
> 	with unfragmented UDP and everything to do with being able to
> 	reassemble fragmented UDP.
> 
> 	All IPv4 hosts MUST accept fragmented packets up to 576
> 	octets (RFC 791).  DNS's 512 octet UDP limit was chosen to
> 	ensure that the UDP datagram can always be reassembled and
> 	for there to be room for some IP options in addition to the
> 	IP and UDP headers.
> 
> 	Originally there wasn't commonality in the root servers'
> 	names.  Then it was said, if we make the maximum use of
> 	compression, how many root servers can we fit into a DNS/UDP
> 	message?
> 
> 	The first NS record takes 31 octets (1 + 2 + 2 + 4 + 2 + 20).
> 
> 	Each additional NS record for . takes 15 octets (1 octet for
> 	the name, 2 octets for the class, 2 octets for the type, 4
> 	octets for the ttl, 2 octets for length and 4 of actual data).
> 
> 	An "A" record with a compressed ownername takes 16 octets
> 	(2 octets for the name, 2 octets for the class, 2 octets for the
> 	type, 4 octets for the ttl, 2 octets for length and 4 of actual
> 	data).
> 
> 	Then there is the 12 octet header and the 5 octet question.
> 
> 	Doing the math on priming queries you get the following:
> 
> 		13 names uses 436 octets
> 		14 names uses 467 octets
> 		15 names uses 498 octets
> 
> 	If you have a referral to the root with a maximum sized qname
> 	it takes 482 octets (12 + 255 + 4 + 31 + 15 * 12).
> 	
> 	Mark
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
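
The octet counts in the quoted calculation can be reproduced by building the priming response in DNS wire format with name compression and measuring it. This is an added example, not part of the original thread; it assumes server names of the form a.root-servers.net, b.root-servers.net, ..., and uses a constructed TTL and constructed 192.0.2.x addresses. The function names are hypothetical.

```python
import struct

TYPE_A, TYPE_NS, CLASS_IN = 1, 2, 1

def pointer(offset):
    """Compression pointer: two octets, top two bits set, 14-bit offset."""
    return struct.pack("!H", 0xC000 | offset)

def rr(owner, rtype, ttl, rdata):
    """owner + type(2) + class(2) + ttl(4) + rdlength(2) + rdata."""
    return owner + struct.pack("!HHIH", rtype, CLASS_IN, ttl, len(rdata)) + rdata

def priming_response(n, ttl=3600000):
    """Response to '. IN NS' with n NS records and n A records (n <= 26)."""
    msg = bytearray(struct.pack("!HHHHHH", 0, 0x8400, 1, n, 0, n))  # 12-octet header
    msg += b"\x00" + struct.pack("!HH", TYPE_NS, CLASS_IN)          # 5-octet question
    name_offsets, suffix_offset = [], None
    for i in range(n):
        rdata_offset = len(msg) + 1 + 10        # skip root owner and fixed fields
        label = b"\x01" + bytes([ord("a") + i])
        if suffix_offset is None:               # first name is written in full (20 octets)
            suffix_offset = rdata_offset + len(label)
            rdata = label + b"\x0croot-servers\x03net\x00"
        else:                                   # later names: one label + pointer (4 octets)
            rdata = label + pointer(suffix_offset)
        name_offsets.append(rdata_offset)
        msg += rr(b"\x00", TYPE_NS, ttl, rdata)
    for i, off in enumerate(name_offsets):      # owner is a 2-octet pointer to the NS target
        msg += rr(pointer(off), TYPE_A, ttl, bytes([192, 0, 2, i + 1]))  # constructed address
    return bytes(msg)

def decode_name(msg, off):
    """Expand a possibly compressed name starting at offset off."""
    labels = []
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:             # follow compression pointer
            off = ((msg[off] & 0x3F) << 8) | msg[off + 1]
            continue
        labels.append(msg[off + 1:off + 1 + msg[off]].decode("ascii"))
        off += 1 + msg[off]
    return ".".join(labels) + "."

if __name__ == "__main__":
    for n in (13, 14, 15, 16):
        print(n, "names:", len(priming_response(n)), "octets")
```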