The root name servers (*.root-servers.net
) aren't authoritative for TLDs, but they are authoritative for the root i.e. .
. They delegate control to the TLD name servers, and provide glue records for their name servers, just like the TLD name servers deletates the control further to the authoritative name servers of the domains.
a.root-servers.net
is authoritative for .
(aa
bit set on the response):
dig . NS @a.root-servers.net
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27
a.root-servers.net
is not authoritative for e.g. gov
or ee
(no aa
bit):
dig gov NS @a.root-servers.net
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 9
;; AUTHORITY SECTION:
gov. 172800 IN NS a.gov-servers.net.
gov. 172800 IN NS b.gov-servers.net.
gov. 172800 IN NS c.gov-servers.net.
gov. 172800 IN NS d.gov-servers.net.
dig ee NS @a.root-servers.net
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 10
;; AUTHORITY SECTION:
ee. 172800 IN NS b.tld.ee.
ee. 172800 IN NS e.tld.ee.
ee. 172800 IN NS ee.aso.ee.
ee. 172800 IN NS ee.eenet.ee.
ee. 172800 IN NS ns.tld.ee.
TLD name servers are authoritative for TLDs.
The authoritative servers listed above responds authoritatively, e.g.:
dig gov NS @a.gov-servers.net
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
The root (last dot) is often omitted, but example.com
is actually example.com.
, and com
is com.
etc.