So I’ve heard that the entire internet depends on thirteen computers which hold the lists of all internet adresses. No request can be served without these thirteen computers. So if terrorists managed to physically destroy these thirteen computers, would that shut down the entire internet? If so, how long would it take to get working replacements? And if just one such computer was destroyed, would it be easy to redistribute the load to the other twelve?
Those are the root DNS servers, and they are responsible for holding all the domain-name information for non-country-code top-level domains.
However, 99% of all DNS requests are handled by your local nameserver, which caches results fetched from the root server for some time. Even if you knocked all thirteen root servers out at once, the millions of local nameservers around the world would still function. They would not be able to get updated information, but the most commonly used domain names would still function. Finally, it would be very easy for someone to distribute the IP addresses of new root nameservers to the various network operators around the world. (And, yes, they have very good backups.)
The nameservers don’t affect the functioning of the internet at all, except that they’re needed to translate domain names into IP addresses. If you wanted to, you could do everything with numeric IPs, though it removes a pleasant layer of abstraction.
The thirteen servers are the root servers, which maintain authoritative lists of the primary DNS servers for each domain. (DNS is the system that converts named Internet addresses to numeric IP addresses and vice versa.) Each domain (.com, .org, .uk, etc.) has a single authoritative main DNS server that contains information about all the other DNS information on that domain. There is also at least one secondary server for each domain. Your ISP has its own DNS server. I’m not sure if the bottom-level DNS servers contain sufficient information of their own to function if the upper-level servers go down, though – someone else can probably answer that. For more about DNS and TCP/IP see here.
There have been times when one or more of these servers went down, and generally very little happens. Even if they all went down, they could be brought back up, even if it means restoring the data from an off-site backup onto a different computer. (It might even be possible to continue accessing sites using numeric IP addresses until the DNS was restored.) I’m also not entirely sure that the Internet really does depend on 13 servers.
I won’t get into how difficult it would be to simultaneously destroy thirteen computers scattered around the world. Someone who claims that the whole Internet could easily be brought down in a single attack is probably, IMO, someone who wants to sell a book, promote a business interest, or maybe just get a job.
There are a few weak links in the Internet, though, that might be vulnerable to attack, or at least used to be. At one time, practically all traffic between, for example, Australia and the rest of the world went through one or a very small number of high-speed links. If one of the major undersea links was damaged, traffic between the country affected and the rest of the Internet would be slower, but would probably still function until the link was restored. There are also ‘backbones’ in the US and Europe that carry very large amounts of traffic. Again, the Internet does not depend on these backbones entirely, but it would be slowed down if they were disrupted.
friedo: That’s what I thought – I just wasn’t sure whether the local DNS server contained a complete set of DNS information or requested it from a centralized repository. Do you know how many backup name servers a large domain like .com would have?
Re-reading my post, I was less than clear about this. Your local DNS server has a cache and keeps domain information around for a few days. After the information gets old (for a predetermined definition of “old”), it gets deleted from the cache. When you make a DNS request, your DNS server first sees if it has the information in its cache. If not, then it asks the root server. Thus, by changing information on the root server, the local server will get the new record when the old one is deleted. This is why it takes a few days for DNS info to propogate.
These days, most DNS servers are big enough to store all the DNS information in their cache. (It’s really not all that big, in terms of HD storage.) However, most domain names are not particularly commonly requested. For example, very few people need to resolve my domain, friedo.com. So if the root servers all went down, it’s likely that not all local DNS servers would have a copy of friedo.com’s record, because they’ve never needed it. That’s why I said the most commonly used domains would still work.
A properly configured local DNS server knows the addresses of several of the root servers, so even if one goes down it shouldn’t be a big deal.
Finally, the country-code TLDs (.uk, .us, .ca et al) have their own root servers which are maintained by that country’s government.
The root DNS servers have already been attacted in October of 2002.
That particular link is a bit thin on details, but if memory serves they actually managed to take down 11 of the 13. And yet the ‘common’ user never noticed.
So, IMHO, they’re as robust and fail-safe as they could reasonably be.