Why Only 13 DNS Root Servers? History, Limits, and Modern Solutions

DNS Basics

DNS is a hierarchical, distributed naming system. A fully qualified domain name ends with a trailing dot and consists of multiple labels separated by dots. For example, the domain TAOSHU.IN. has three levels: the root label ., the top‑level domain IN, and the second‑level label TAOSHU.

Current Root Servers

The DNS resolution process always starts at the root servers. Today the Internet community operates 13 root server instances, each identified by a hostname, IPv4/IPv6 addresses, operating organization, and country:

a.root-servers.net – 198.41.0.4, 2001:503:ba3e::2:30 – Verisign, Inc. – United States

b.root-servers.net – 199.9.14.201, 2001:500:200::b – University of Southern California, Information Sciences Institute – United States

c.root-servers.net – 192.33.4.12, 2001:500:2::c – Cogent Communications – United States

d.root-servers.net – 199.7.91.13, 2001:500:2d::d – University of Maryland – United States

e.root-servers.net – 192.203.230.10, 2001:500:a8::e – NASA (Ames Research Center) – United States

f.root-servers.net – 192.5.5.241, 2001:500:2f::f – Internet Systems Consortium, Inc. – United States

g.root-servers.net – 192.112.36.4, 2001:500:12::d0d – US Department of Defense (NIC) – United States

h.root-servers.net – 198.97.190.53, 2001:500:1::53 – US Army (Research Lab) – United States

i.root-servers.net – 192.36.148.17, 2001:7fe::53 – Netnod – Sweden

j.root-servers.net – 192.58.128.30, 2001:503:c27::2:30 – Verisign, Inc. – United States

k.root-servers.net – 193.0.14.129, 2001:7fd::1 – RIPE NCC – Netherlands

l.root-servers.net – 199.7.83.42, 2001:500:9f::42 – ICANN – International

m.root-servers.net – 202.12.27.33, 2001:dc3::35 – WIDE Project – Japan

Priming Queries

Every DNS resolver ships with a "Root Hints" file that lists the current root servers. Because the list can change, resolvers periodically perform a *priming query*—a DNS request to a known root server to fetch the latest root‑server list and cache it for a limited time.

Message Size Limitation

Priming queries use the standard DNS protocol over UDP, which historically limited responses to 512 bytes (the same limit as ordinary queries). As the number of root servers grew, the response size approached this limit, creating a technical bottleneck that prevented adding more servers.

DNS Message Structure

A DNS message consists of five sections:

+---------------------+
|        Header       |
+---------------------+
|      Question       | the question for the name server
+---------------------+
|       Answer        | RRs answering the question
+---------------------+
|     Authority       | RRs pointing toward an authority
+---------------------+
|    Additional       | RRs holding additional information
+---------------------+

The Header is 12 bytes and contains fields such as ID, QR, Opcode, AA, TC, RD, RA, Z, RCODE, QDCOUNT, ANCOUNT, NSCOUNT, and ARCOUNT. The Question section holds the queried domain name (QNAME) and two 2‑byte fields: QTYPE and QCLASS.

Each Answer (or Resource Record, RR) adds TTL, RDLENGTH, and RDATA fields. In a priming response, RDATA contains the domain name and IP address of a root server.

Label Compression

To stay within the 512‑byte limit, DNS introduced label compression using pointers. A pointer is a two‑byte field whose two high bits are set to 11; the remaining 14 bits encode an offset from the start of the message header to a previously occurring label.

Example: the domain A.ROOT‑SERVERS.NET can be represented fully (31 bytes). The second domain B.ROOT‑SERVERS.NET can reuse the suffix via a pointer, reducing its representation to only 5 bytes and saving 15 bytes.

Root Server Renaming

Before 1995 the root server hostnames were heterogeneous (e.g., NS.INTERNIC.NET, NS1.ISI.EDU). To enable compression, the community renamed them to a uniform scheme A.ROOT‑SERVERS.NET through M.ROOT‑SERVERS.NET. The mapping was:

NS.INTERNIC.NET → A.ROOT‑SERVERS.NET (InterNIC)

NS1.ISI.EDU → B.ROOT‑SERVERS.NET (Information Sciences Institute, USC)

C.PSI.NET → C.ROOT‑SERVERS.NET (PSINet)

TERP.UMD.EDU → D.ROOT‑SERVERS.NET (University of Maryland)

NS.NASA.GOV → E.ROOT‑SERVERS.NET (NASA Ames)

NS.ISC.ORG → F.ROOT‑SERVERS.NET (Internet Systems Consortium)

NS.NIC.DDN.MIL → G.ROOT‑SERVERS.NET (GSI)

AOS.ARL.ARMY.MIL → H.ROOT‑SERVERS.NET (U.S. Army Research Lab)

NIC.NORDU.NET → I.ROOT‑SERVERS.NET (NORDUnet)

In 1997 four more servers (J, K, L, M) were added.

IPv6 and Anycast

When IPv6 was introduced, the 512‑byte limit became insufficient for returning AAAA records. The community created EDNS0 to allow larger UDP responses. Later, Anycast was adopted: the same IP address is announced from many geographically distributed instances, routing clients to the nearest server. The first Anycast deployment was on the J root server in 2002. Today each of the 13 root server names maps to both an IPv4 and IPv6 address, and each address is served by dozens of instances, totaling over 1 500 root server instances worldwide.

Chinese Root Server Mirrors

Although China does not host an authoritative root server, many mirror instances are deployed inside the country. The letters of the root servers that have mirrors in China include:

A – Guangzhou

D – Hong Kong, Taipei

E – Taipei

F – Beijing, Chongqing, Hangzhou, Kaohsiung, Nanning, Taipei

I – Beijing, Hong Kong, Shenyang, Taipei

J – Beijing, Hong Kong, Huzhou, Shanghai

K – Beijing, Guangzhou, Guiyang, Taipei

L – Beijing, Changsha, Haikou, Shanghai, Wuhan, Xining, Xinbei, Zhengzhou

M – Kaohsiung

These mirrors provide low‑latency DNS resolution for users inside China, typically showing round‑trip times around 50 ms.