Root Matters: ISI Greatly Enhances Internet Root Server

June 12, 2017

The USC Information Sciences Institute launched a second physical site of the Internet root server it manages on May 2, greatly boosting the service's ability to fulfill an unusual, dual mandate.

Root servers are pivotal to Net operations, and the USC ISI service performs operational heavy lifting while supporting groundbreaking Net research. "We serve a different need" than most other root service operators, says Terry Benzel, ISI deputy director for its computer networks division. "We'll be able to delve deeper into new technologies at the same time that we carry our weight in name resolution."

The new Miami location caps a five-year effort to re- architect and upgrade the original Los Angeles site. Called B- Root, the USC ISI-managed service is one of the original, authoritative root servers worldwide - and the only one managed directly by researchers.

Despite their underground connotations, root servers form the uppermost layer in an inverse Net operations pyramid. As message points-of-entry, they answer other servers' requests for contact IP addresses about global domains such as .com and .org, and for country codes such as .ca, .jp and .in. Root servers solely return information about these highest-level names, never transmitting individual messages such as email and web traffic.

Terry Benzel

Each root server also has multiple physical locations to ensure rapid responses. Called "instances", these locales act as extensions of the original 13 servers. Net traffic is directed to one of 13 addresses, but requests are answered by whichever instance is physically closest. Some root servers now have hundreds of instances, for a total of 600 instances worldwide. Yet B-Root still handles 1/13th of all Net traffic, making the new instance highly significant despite B-Root's comparatively small footprint.

Instances traditionally are named for their nearest international airport. The new site, called MIA Instance for Miami International Airport, is housed near Florida International University. Together with B-Root's previous LAX Instance, the upgrade boosts capacity by doubling bandwidth, lowers latency - which translates to faster connection speeds, increased resiliency - and delivers other meaningful gains.

MIA Instance also makes operations far more reliable in case of an earthquake or other Los Angeles-area disaster. While the bulk of B-Root traffic still is received at LAX Instance, each server now can operate at full capacity alone. Given that redundancy, says Wes Hardaker, an ISI senior computer scientist and root service operations manager, "the rest of the world wouldn't even notice something was wrong."

Wes Hardaker
The re-architecting enables ISI researchers to continue using B-Root to delve into technologies for naming and identity systems, and to seek ways to improve root server functionality and safety. "We'd like changes to the root server system to happen here first," says Hardaker, "in a safe and reliable way." ISI already has submitted a National Science Foundation proposal for a protocol experimentation testbed, and is considering novel projects in partnership with industry and other collaborators.

The team also intends to launch a third instance - which Hardaker expects to be far less time and labor-intensive than MIA was - within five years. Subsequently, they'll seek to extend the service further using a dynamic, adaptive approach that can withstand the distributed denial- of-service (DDOS) attacks used to overwhelm servers with vast numbers of superfluous requests. Says Hardaker, "We want to execute in a way that automatically adjusts to traffic loads even under DDOS."

ISI has managed a portion of the root service since the server was set up in 1987 by Jonathan Postel, an ISI researcher whose work was fundamental to the Net's invention, including data and message protocols TCP/IP and SMTP. Postel also helped launch the vital Domain Name System (DNS) created by ISI colleague Paul Mockapetris. The DNS translates alphabetical names that humans understand and remember into numerical addresses understandable by computers.

The latest transition was managed by Benzel and John Heidemann, previous operational team lead and B-Root administrator, with strong support from the US Department of Homeland Security, Science and Technology Directorate, Cyber Security Division.