
FAQs

What is a root DNS server?

A root DNS server is a server that serves the DNS root or "." zone, operated by one of 12 independent root server operators. Without any previously cached information, DNS resolvers consult a root DNS server to find the nameservers for the top-level domain (TLD) of any query. As an example, when a packet needs to be sent to the IP address for www.ripe.net, the DNS resolver will first need to find the IP address of the DNS server for the "net" zone. This address for the "net" zone must be requested from a root DNS server. Keep in mind that, in real Internet traffic, almost all queries for the DNS root zone are answered from a DNS cache provided by a service provider.

What is an AuthDNS server?

This is a DNS server that serves various zones, such as ripe.net and the infrastructure zones of the other RIRs, in-addr.arpa and ip6.arpa, reverse DNS zones operated by the RIPE NCC and other RIRs, and some ccTLDs. Such a server plays an important role in the proper functioning of the DNS of the RIR system.

What is a Hosted DNS node?

A Hosted DNS node is a small, rack-mounted server with well-defined hardware specifications, or a well-provisioned virtual machine, managed by the RIPE NCC, that serves clients in your local network neighbourhood. It can provide either root DNS service or AuthDNS service.

Who can host a Hosted DNS node?

In principle, anyone who is interested can request to host such a node. However, we of course want to provide reliable and stable DNS operations. We therefore expect requests to come from organisations that can host the server in a professionally run colocation environment, including reliable and redundant power facilities and appropriate physical security.

What are the benefits to my network of hosting a Hosted DNS node?

For most well-connected networks, the benefits of locally hosting a Hosted DNS node will be very modest - or even non-existent. Most queries will be answered from a local cache, such as one hosted by your service provider or even by your own organisation. The very small fraction of queries for top-level domains actually sent to a root DNS or AuthDNS server may indeed be answered faster if you host a DNS server yourself. However, this will only have a noticeable impact in the case that your Internet traffic currently experiences a very long delay to reach the nearest DNS server.

What are the benefits to the Internet of hosting a Hosted DNS node in my network?

These days many authoritative DNS servers are already quite well distributed over several hundred locations. Therefore, adding a single Hosted DNS instance to any network will have little impact on the global DNS as a whole. However, by distributing DNS servers over a larger number of smaller networks, the DNS system as a whole becomes more resilient to some types of attacks. For example, a denial of service attack against the DNS system has a more localised impact in the presence of a larger number of locally hosted DNS instances.

Will having a Hosted DNS node increase my network's performance?

As mentioned, the vast majority of queries will be answered from a local cache. Any improvements in performance that you may notice will only apply to the small fraction of queries that are actually sent upstream to an authoritative DNS server. Generally, you should not expect any noticeable performance improvement.

Will a Hosted DNS node in my network improve the resiliency of DNS resolution in my network?

The design and implementation of the DNS system as a whole is already extremely resilient. However, depending on the resiliency of the upstream connections from your own network, it is possible that your network could become disconnected from the larger Internet and the DNS servers there. In some cases your clients may still be able to exchange traffic locally. When your network remains disconnected from its upstreams for a period of hours to days, the cached information for the various zones will gradually become invalid and your clients may start to notice a gradually increasing number of failing queries, including those for local destinations. In this particular case, having a Hosted DNS node locally may increase the time before the cached information about the various zones becomes invalid. In this limited way, a locally hosted node may slightly improve your DNS resiliency. However, it must be noted that, even though most zone information may be available for a somewhat longer time, cached information for important top-level domains (for example "com", "net" and important ccTLDs for your clients) will also start to become invalid. Therefore, in practice, your end users will still notice failing queries for local traffic in the case that the disconnection persists for longer periods.

Will a Hosted DNS node in my network improve response times for DNS queries in my network?

Your network currently may experience long response times for queries to authoritative DNS servers. This may, for example, be caused by a very large geographical distance to the nearest authoritative DNS server, or by congested uplink connectivity from your network. In this case, hosting a node locally may improve response times for queries for the various top-level zones. However, you must keep in mind that only a very small fraction of queries for top-level zones are actually answered by the Hosted DNS servers; most of these queries will be answered from local caches. Also, for real Internet traffic, the queries to important TLDs will also be impacted by your upstream connectivity. Therefore, again, the actual improvements to overall DNS response will be very limited, or even unnoticeable.

Will having a Hosted DNS node decrease upstream bandwidth for my network?

As explained above, only a very small percentage of queries for the top-level zones are actually sent to their respective authoritative servers. Therefore, hosting a node will not impact your upstream bandwidth use in any noticeable way.

How will the Hosted DNS server be operated? Will I have access to the server?

The RIPE NCC will manage the server remotely. Your staff will have no access to the server itself.

How will anycast prefixes be originated? Will I source the prefixes from my ASN?

The Hosted DNS node will have a BGP peering with one of your BGP-speaking routers. The server will advertise the K-root or AuthDNS anycast prefixes from AS25152 or AS197000 to your router. Your router needs to propagate the prefixes to your clients. In the case that the RIPE NCC observes problems with the hosted node or its reachability, our server will withdraw the prefixes in order to redirect traffic to other DNS servers.
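
The announce and withdraw behaviour described above, as an added example that is not RIPE NCC code: a Python check a host could run over routes received on the peering session before propagating them. Only the two origin ASNs come from this page; the prefixes are placeholder documentation ranges, and the event format and function names are assumptions.

```python
import ipaddress

# Origin ASNs named on this page for the K-root / AuthDNS anycast prefixes.
EXPECTED_ORIGINS = {25152, 197000}
# Placeholder documentation ranges, NOT the real anycast prefixes (assumption).
EXPECTED_PREFIXES = {ipaddress.ip_network("192.0.2.0/24"),
                     ipaddress.ip_network("2001:db8::/32")}

def check_announcement(prefix, as_path):
    """Return (accept, reason) for one route received from the hosted node."""
    net = ipaddress.ip_network(prefix)
    if not as_path:
        return False, "empty AS path"
    if as_path[-1] not in EXPECTED_ORIGINS:
        return False, f"unexpected origin AS{as_path[-1]}"
    if len(set(as_path)) != 1:  # prepending is fine, other ASNs are not
        return False, "path contains other ASNs"
    if net not in EXPECTED_PREFIXES:
        return False, f"unexpected prefix {net}"
    return True, "ok"

def replay(events):
    """Apply announce/withdraw events; return (routes to propagate, alerts)."""
    table, alerts = {}, []
    for kind, prefix, as_path in events:
        net = ipaddress.ip_network(prefix)
        if kind == "announce":
            ok, reason = check_announcement(prefix, as_path)
            if ok:
                table[net] = as_path
            else:
                table.pop(net, None)  # a rejected update replaces the old route
                alerts.append(f"rejected {net}: {reason}")
        elif kind == "withdraw" and table.pop(net, None) is not None:
            alerts.append(f"withdrawn {net}: queries now go to other DNS servers")
    return sorted(str(n) for n in table), alerts

# Constructed sample events, as (kind, prefix, AS path).
SAMPLE = [
    ("announce", "192.0.2.0/24", [25152]),
    ("announce", "2001:db8::/32", [197000]),
    ("announce", "198.51.100.0/24", [25152]),  # prefix not on the expected list
    ("announce", "203.0.113.0/24", [64500]),   # origin is not the hosted node
    ("withdraw", "2001:db8::/32", []),
]

if __name__ == "__main__":
    routes, alerts = replay(SAMPLE)
    print(routes, *alerts, sep="\n")
```

A withdrawal alert here is expected behaviour rather than a fault on your side: it is how the node moves traffic away when the RIPE NCC observes problems.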

Will I have to run this Hosted DNS node forever?

The intention is that DNS services are reliable and stable. This means that we expect a hosted node to be a long-term commitment for both the host and the RIPE NCC, as stated in the MoU we ask hosts to sign. However, it is possible for both the RIPE NCC and the host to terminate the MoU and the hosted node if this is deemed necessary by either party.

Will the RIPE NCC be able to cancel this Hosted DNS node if they want to?

The intention is that DNS services remain reliable and stable. As such, we expect a hosted node to be a long-term commitment for both the host and the RIPE NCC, and ask hosts to sign an MoU to this extent. However, it is possible for both the RIPE NCC and the host to terminate the MoU and the hosted node if this is deemed necessary by either party. In the case that the RIPE NCC observes problems with the hosted node or its reachability, our server will withdraw the prefix in order to redirect traffic to other DNS servers.

Will I have to pay the RIPE NCC for managing a Hosted DNS node on my network?

No, the RIPE NCC does not charge any fees for managing the hosted node. However, you will have to purchase a server according to our specifications to run the hosted node. Alternatively, you will have to provide a well-provisioned virtual machine.

Will the RIPE NCC cover my initial or ongoing operational costs for hosting a Hosted DNS node?

No, the RIPE NCC will not contribute to either purchasing costs or any ongoing costs for a hosted node.

More information

For further explanation of the DNS system as a whole, including the role of the root servers, please read this excellent explanation:
http://www.internetsociety.org/internet-domain-name-system-explained-non-experts-daniel-karrenberg

You can also find a more detailed list of questions about root DNS name servers in general here:
http://www.internetsociety.org/dns-root-name-server-frequently-asked-questions