Home / Blogs

Measuring Root Server Performance

Daniel Karrenberg

Root name servers are a core service of the Internet (For more information on root name servers, please see the DNS Root Name Server FAQ). As such they receive a huge amount of queries and need to answer reliably with acceptable delay. The RIPE NCC is responsible for operating one of the 13 DNS root name servers K-root which responds to 10,000 — 15,000 queries per second. Most root servers are operated as a network of distributed "instances" using anycast. That means a single IPv4 or IPv6 address is announced simultaneously by a set of name server "instances" deployed in different geographical locations.

K-root operates 18 instances; You can find a map http://k.root-servers.org/ on the RIPE NCC's website.

VisualK is a new tool that monitors the load of the K-root name server supported by each instance. It further shows load migrations between pairs of instances over time. ViskalK is one of the tools our operations staff use to monitor the health of K-root.
The image below is a screenshot of the output of the tool. Each instance of K-root is represented by two concentric circles:

  • The first one, filled with colour, has a size proportional to the number of queries per second received on that instance;
  • The other one, indicated by a dotted line, shows the average load over the previous 30 minutes. This is used as a reference value.

In most cases, these circles overlap. But in some cases you can see that the dotted line is much larger, for example at the root name server instance in Poznan, Poland. This means that something has changed recently: the number of queries has dropped significantly.

In the image you can also see that pairs of instances are connected by links (or "tentacles") if they are considered topologically adjacent. Links between root name server instances are generally invisible, but become active when traffic migration is detected: colour and size of the link indicate the origin and volume of traffic flow, together with bubbles pouring into the instance receiving the traffic. In our example you can see that some load has moved from the instance at NAP (in Miami, Florida) to the one located at LINX (in London, UK).

In addition, VisualK highlights unusual behaviour. Flashing arrows show load migrations between instances that are not considered adjacent. Root name server instances start to blink if their traffic load decreases significantly. The goal is to help spot unexpected changes while they are happening and to allow root name server operators to investigate what causes these changes.

For more information, please refer to the background article on RIPE Labs: VisualK — Monitoring K-root in Near Real Time

VisualK has been developed by Claudio Squarcella, intern at the RIPE NCC, in collaboration with the Compunet Lab at Roma Tre University.

By Daniel Karrenberg, Chief Scientist at the RIPE NCC

Related topics: DNS, Regional Registries


Don't miss a thing – get the Weekly Wrap delivered to your inbox.


To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

IP Addressing

Sponsored by Avenue4 LLC

DNS Security

Sponsored by Afilias

Mobile Internet

Sponsored by Afilias Mobile & Web Services


Sponsored by Verisign

Promoted Posts

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital

Don't Gamble With Your DNS

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Radix Adds Dyn as a DNS Service Provider

Dyn Partners with the Internet Systems Consortium to Host Global F-Root Nameservers

Is Your TLD Threat Mitigation Strategy up to Scratch?

Domain Management Handbook from MarkMonitor

What Holds Firms Back from Choosing Cloud-Based External DNS?

Computerworld Names Afilias' Ram Mohan a Premier 100 Technology Leader

Protect Your Privacy - Opt Out of Public DNS Data Collection

Measuring DNS Performance for the User Experience

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Internet Grows to 296 Million Domain Names in Q2 2015

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Introducing the Verisign DNS Firewall

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider