How is it possible for the Root Name Servers to handle all DNS requests?

Rox asked:

I was reading about DNS some days ago and learned how the requests are processed.
If you surf to, then a request will go to the Root Name Servers to see who owns that .com address, then another request will go to another, more local, DNS server to see who owns the address and so on.

How is it technically possible that the 13 Root Name Servers can handle all requests done by earth’s billions of Internet users simultaneosly without beeing ddos:ed?

My answer:

They’re 13 highly available clusters of servers, not simply 13 servers.

Among other things, root nameserver operators are required to have enough capacity to handle three times their normal traffic load (RFC 2870). This leads to rather large clusters.

However, the root nameservers only serve responses for the top level domains themselves, i.e. com., net., uk., ae., etc., and the nameservers which query the root can cache this information up to 48 hours, which dramatically reduces the load at the root nameservers. This leads to smaller clusters.

The root nameservers are in over 130 physical locations in 53 countries; with only 13 server names, this is done through the magic of IPv4 anycast.

The root nameservers also have their own web site, which you may find interesting reading.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.