You are here: Home > Internet Coordination > News > Industry Developments > Global Root Server System Stands Firm Against DDoS Attack
Service Announcements
  • All of our services are operating normally.
Check Network Health

Global Root Server System Stands Firm Against DDoS Attack

Archived This content has been archived and is no longer actively maintained.

7 February 2007 - Overnight attempts to disrupt global computer traffic were foiled in part thanks to the RIPE NCC managed K-root server.

A Distributed Denial of Service (DDoS) attack appeared to target at least five of the thirteen root name servers early Tuesday morning, according to the RIPE NCC's preliminary analysis. The attacks caused two of the root name servers to stop responding to up to 90% of queries. However, the other root name servers, including the RIPE NCC managed K-root, kept the Internet working during this time.

The Internet relies on thirteen root name servers deployed globally to manage traffic between computers connected to the Internet. They are referred to by letters of the alphabet running from A to M. Together the root name servers help to translate human readable names (like www.ripe.net) to network addresses which are used to route Internet traffic all over the world. To ensure stability, no one organisation controls the thirteen root name servers. In addition, each root name server can run across hundreds of machines worldwide, ensuring further resilience of the root name server system. It is a tribute to the robust nature of this system that Tuesday's DDoS attack passed largely unnoticed by the average computer user while experts worked to process the flood of data generated by the attack.

Following earlier DDoS attacks on root name servers in October 2002, the RIPE NCC has improved the reliability of the root name server system by installing mirror instances of the K-root server. RIPE NCC engineers have deployed mirror instances of the K-root server in 17 locations worldwide.

"I am glad that we have invested in distributing the K-root name server to locations all over the world," said Daniel Karrenberg, Chief Scientist at the RIPE NCC. "This makes the service we provide more resilient against this sort of attack. The good thing about yesterday's attack is that it got noticed only because of our public monitoring and not because Internet users felt any of it."

More information:

The RIPE NCC's DNS Monitoring Services provides a comprehensive, objective and up-to-date overview on the quality of service of the root name servers.

Useful background can be found in the briefings below, which were written by the RIPE NCC's Chief Scientist, Daniel Karrenberg:

DNS Root Name Servers Explained For Non-Experts
http://www.isoc.org/briefings/019/

DNS Root Name Server Frequently Asked Questions
http://www.isoc.org/briefings/020/

The Internet Domain Name System Explained for Non-Experts
http://www.isoc.org/briefings/016/index.shtml

These external links will open in a new browser window