Tuesday, August 20, 2013

DNS: TLD Name Servers per country

I was curious to see what countries seem to run / control most of the Domain Name System. Especially how much is actually located in the US.

Root servers


First of all lets look at the Root-Servers the one responsible for ".". These servers point to the Generic TLD and CcTLD servers such as .be, .be .nl, .uk .com .net etc.



TLD Server IP AS Country
. a.root-servers.net. 198.41.0.4 AS36620 VeriSign Global Registry Services United States
. b.root-servers.net. 192.228.79.201 AS4 University of Southern California United States
. c.root-servers.net. 192.33.4.12 AS2149 Cogent Communications United States
. d.root-servers.net. 199.7.91.13 AS27 University of Maryland at College Park United States
. e.root-servers.net. 192.203.230.10 AS297 National Aeronautics and Space Administration United States
. f.root-servers.net. 192.5.5.241 AS3557 Internet Systems Consortium, Inc. United States
. g.root-servers.net. 192.112.36.4 AS5927 DoD Network Information Center United States
. h.root-servers.net. 128.63.2.53 AS13 Headquarters, USAISC United States
. i.root-servers.net. 192.36.148.17 AS29216 NETNOD Internet Exchange i Sverige AB Sweden
. j.root-servers.net. 192.58.128.30 AS36626 VeriSign Global Registry Services United States
. k.root-servers.net. 193.0.14.129 AS25152 Reseaux IP Europeens Network Coordination Centre (RIPE NCC) Netherlands
. l.root-servers.net. 199.7.83.42 AS20144 DNS Root Name Server L.ROOT-SERVERS.NET United States
. m.root-servers.net. 202.12.27.33 AS7500 WIDE Project Japan

As you can see in the above diagram, out of the 13 servers 10 are run in the USA, 2 are run in Europe of which one in The Netherlands and one in Sweden, and one server resides in Asia, Japan.
Of the US based servers, the g.root-servers.net server is operated by the Department of Defense, two are operated by Verisign the rest by Universities, NASA and the ISC.

Infrastructure top level domain:


TLD Description Notes
.Arpa Address and Routing Parameter Area Must verify eligibility for registration; only those in various categories of air-travel-related entities may register.


The .Arpa TLD is used for reverse DNS functionality and uses the root servers.

The most common implementation of this .Arpa domain is the 'z.y.x.w.in-addr.arpa' way of resolving domains. (dig -x )


TLD Server IP ASN Country
in-addr.arpa a.in-addr-servers.arpa. 199.212.0.73 AS393225 ARIN Operations United States
in-addr.arpa b.in-addr-servers.arpa. 199.253.183.183 AS26710 ICANN DNS Operations Anycast United States
in-addr.arpa c.in-addr-servers.arpa. 196.216.169.10 AS37181 AFRINIC-ANYCAST Mauritius
in-addr.arpa d.in-addr-servers.arpa. 200.10.60.53 AS28001 Latin American and Caribbean IP address Uruguay
in-addr.arpa e.in-addr-servers.arpa. 203.119.86.101 AS18368 UNICAST AS of ANYCAST node(The Netherlands) Australia
in-addr.arpa f.in-addr-servers.arpa. 193.0.9.1 AS197000 Reseaux IP Europeens Network Coordination Centre (RIPE NCC) Netherlands

Mauritius? I admit it, I had to Google. But domaintools.com agreed with the Maxmind database: http://whois.domaintools.com/196.216.169.10

Uruguay is also an unusual country for such a high traffic service. ( in my opinion )
But again: http://whois.domaintools.com/200.10.60.53

Generic Top Level domains:

These are the Generic Top Level domains:


TLD Description Notes
.Arco air-transport industry Must verify eligibility for registration; only those in various categories of air-travel-related entities may register.
.Asia Asia-Pacific region This is a TLD for companies, organizations, and individuals based in the region of Asia, Australia, and the Pacific.
.Biz business This is an open TLD; any person or entity is permitted to register; however, registrations may be challenged later if they are not held by commercial entities in accordance with the domain's charter. This TLD was created to provide relief for the wildly popular .com TLD.
.Cat Catalan This is a TLD for Web sites in the Catalan language or related to Catalan culture.
.Com commercial This is an open TLD; any person or entity is permitted to register.
.Coop cooperatives The .coop TLD is limited to cooperatives as defined by the Rochdale Principles.
.Info information This is an open TLD; any person or entity is permitted to register.
.Int international organizations The .int TLD is strictly limited to organizations, offices, and programs which are endorsed by a treaty between two or more nations.
.Jobs companies The .jobs TLD is designed to be added after the names of established companies with jobs to advertise. At this time, owners of a "company.jobs" domain are not permitted to post jobs of third party employers.
.Mobi mobile devices Must be used for mobile-compatible sites in accordance with standards.
.Museum museums Must be verified as a legitimate museum.
.Name individuals, by name This is an open TLD; any person or entity is permitted to register; however, registrations may be challenged later if they are not by individuals (or the owners of fictional characters) in accordance with the domain's charter.
.Net network This is an open TLD; any person or entity is permitted to register. Originally intended for use by domains pointing to a distributed network of computers, or "umbrella" sites that act as the portal to a set of smaller websites.
.Org organization This is an open TLD; any person or entity is permitted to register. Originally intended for use by non-profit organizations, and still primarily used by some.
.Post postal services The .post TLD is restricted to Postal Administrations as defined in the Universal Postal Union constitution, and their large customers who wish to provide "Trusted Postal Services".
.Pro professions Currently, .pro is reserved for licensed or certified professionals worldwide. A professional seeking to register a .pro domain must provide their registrar with the appropriate credentials.
.Tel Internet communication services A contact directory housing all types of contact information directly in the Domain Name System.
.Travel travel and tourism industry related sites Must be verified as a legitimate travel-related entity.
.XXX adult content For sites providing sexually explicit content, such as pornography.


The top level domains distribution over the globe is as follows:

     77  United States
     42  Canada
      6  Germany
      3  United Kingdom
      3  Sweden
      2  Switzerland
      2  Spain
      1  Netherlands
      1  Andorra

Canada and the US top the list leaving all other countries far behind. 

Full list:

TLD Server IP AS Country
AERO ns2.switch.ch. 130.59.138.49 AS559 SWITCH, Swiss Education and Research Network Switzerland
AERO dns7.denic.de. 81.91.161.68 AS8763 DENIC eG Germany
AERO ns5.knipp.de. 195.253.6.62 AS8391 Knipp Medien und Kommunikation GmbH Germany
AERO a0.aero.afilias-nst.info. 199.254.51.1 AS12041 Afilias Limited Canada
AERO a2.aero.afilias-nst.info. 199.249.115.1 AS42 PCH PCH Canada
AERO c0.aero.afilias-nst.info. 199.254.53.1 AS12041 Afilias Limited Canada
AERO b0.aero.afilias-nst.org. 199.254.52.1 AS12041 Afilias Limited Canada
AERO b2.aero.afilias-nst.org. 199.249.123.1 AS42 PCH PCH Canada
AERO d0.aero.afilias-nst.org. 199.254.54.1 AS12041 Afilias Limited Canada
ASIA b0.asia.afilias-nst.ASIA. 199.254.28.1 AS12041 Afilias Limited Canada
ASIA d0.asia.afilias-nst.ASIA. 199.254.30.1 AS12041 Afilias Limited Canada
ASIA a0.asia.afilias-nst.info. 199.19.55.1 AS12041 Afilias Limited Canada
ASIA a2.asia.afilias-nst.info. 199.249.114.1 AS42 PCH PCH Canada
ASIA c0.asia.afilias-nst.info. 199.254.29.1 AS12041 Afilias Limited Canada
ASIA b2.asia.afilias-nst.org. 199.249.122.1 AS42 PCH PCH Canada
BIZ a.gtld.BIZ. 156.154.124.65 AS12008 NeuStar, Inc. United States
BIZ b.gtld.BIZ. 156.154.125.65 AS12008 NeuStar, Inc. United States
BIZ c.gtld.BIZ. 156.154.127.65 AS12008 NeuStar, Inc. United States
BIZ e.gtld.BIZ. 156.154.126.65 AS12008 NeuStar, Inc. United States
BIZ f.gtld.BIZ. 209.173.58.66 AS12008 NeuStar, Inc. United States
BIZ k.gtld.BIZ. 156.154.128.65 AS12008 NeuStar, Inc. United States
CAT dnsc.ad. 194.158.74.10 AS6752 Servei de Telecomunicacions d'Andorra Andorra
CAT ns.nic.CAT. 84.88.0.162 AS13041 CESCA - Anella Cientifica RREN Autonomous System Spain
CAT switch.nic.CAT. 130.59.138.49 AS559 SWITCH, Swiss Education and Research Network Switzerland
CAT nsc.nic.de. 81.91.161.84 AS8763 DENIC eG Germany
CAT ns1.nic.es. 194.69.254.1 AS25354 Entidad Publica Empresarial Red.es Spain
CAT anyc1.irondns.net. 195.253.64.4 AS50611 Knipp Medien und Kommunikation GmbH Germany
CAT cat.pch.net. 204.61.216.20 AS42 PCH PCH United States
CAT sns-pb.isc.org. 192.5.4.1 AS3557 Internet Systems Consortium, Inc. United States
COM a.gtld-servers.net. 192.5.6.30 AS36621 VeriSign Global Registry Services United States
COM b.gtld-servers.net. 192.33.14.30 AS26415 Verisign United States
COM c.gtld-servers.net. 192.26.92.30 AS36619 VeriSign Global Registry Services United States
COM d.gtld-servers.net. 192.31.80.30 AS36617 VeriSign Global Registry Services United States
COM e.gtld-servers.net. 192.12.94.30 AS36625 VeriSign Global Registry Services United States
COM f.gtld-servers.net. 192.35.51.30 AS36620 VeriSign Global Registry Services United States
COM g.gtld-servers.net. 192.42.93.30 AS36624 VeriSign Global Registry Services United States
COM h.gtld-servers.net. 192.54.112.30 AS36623 VeriSign Global Registry Services United States
COM i.gtld-servers.net. 192.43.172.30 AS36631 VeriSign Global Registry Services United States
COM j.gtld-servers.net. 192.48.79.30 AS36626 VeriSign Global Registry Services United States
COM k.gtld-servers.net. 192.52.178.30 AS36622 VeriSign Global Registry Services United States
COM l.gtld-servers.net. 192.41.162.30 AS36628 VeriSign Global Registry Services United States
COM m.gtld-servers.net. 192.55.83.30 AS36618 VeriSign Global Registry Services United States
COOP coop1.dyntld.net. 208.78.70.80 AS33517 Dynamic Network Services, Inc. United States
COOP coop2.dyntld.net. 204.13.250.80 AS33517 Dynamic Network Services, Inc. United States
COOP coop3.dyntld.net. 208.78.71.80 AS33517 Dynamic Network Services, Inc. United States
COOP coop4.dyntld.net. 204.13.251.80 AS33517 Dynamic Network Services, Inc. United States
INT ns0.ja.net. 193.63.94.20 AS786 The JNT Association United Kingdom
INT ns0.ja.net. 128.86.1.20 AS786 The JNT Association United Kingdom
INT sec2.authdns.ripe.net. 193.0.9.4 AS197000 Reseaux IP Europeens Network Coordination Centre (RIPE NCC) Netherlands
INT ns.uu.net. 137.39.1.3 AS701 MCI Communications Services, Inc. d/b/a Verizon Business United States
INT ns.icann.org. 199.4.138.53 AS26710 ICANN DNS Operations Anycast United States
INT ns1.cs.ucl.ac.uk. 128.16.5.32 AS786 The JNT Association United Kingdom
JOBS a5.nstld.com. 192.5.6.34 AS36621 VeriSign Global Registry Services United States
JOBS c5.nstld.com. 192.26.92.34 AS36619 VeriSign Global Registry Services United States
JOBS d5.nstld.com. 192.31.80.34 AS36617 VeriSign Global Registry Services United States
JOBS f5.nstld.com. 192.35.51.34 AS36620 VeriSign Global Registry Services United States
JOBS g5.nstld.com. 192.42.93.34 AS36624 VeriSign Global Registry Services United States
JOBS h5.nstld.com. 192.54.112.34 AS36623 VeriSign Global Registry Services United States
JOBS l5.nstld.com. 192.41.162.34 AS36628 VeriSign Global Registry Services United States
MIL con1.nipr.MIL. 199.252.157.234 AS721 DoD Network Information Center United States
MIL con2.nipr.MIL. 199.252.162.234 AS721 DoD Network Information Center United States
MIL eur1.nipr.MIL. 199.252.154.234 AS721 DoD Network Information Center United States
MIL eur2.nipr.MIL. 199.252.143.234 AS721 DoD Network Information Center United States
MIL pac1.nipr.MIL. 199.252.180.234 AS721 DoD Network Information Center United States
MIL pac2.nipr.MIL. 199.252.155.234 AS721 DoD Network Information Center United States
MOBI a0.mobi.afilias-nst.info. 199.254.55.1 AS12041 Afilias Limited Canada
MOBI a2.mobi.afilias-nst.info. 199.249.118.1 AS42 PCH PCH Canada
MOBI c0.mobi.afilias-nst.info. 199.254.57.1 AS12041 Afilias Limited Canada
MOBI b0.mobi.afilias-nst.org. 199.254.56.1 AS12041 Afilias Limited Canada
MOBI b2.mobi.afilias-nst.org. 199.249.126.1 AS42 PCH PCH Canada
MOBI d0.mobi.afilias-nst.org. 199.254.58.1 AS12041 Afilias Limited Canada
MUSEUM ns5.knipp.de. 195.253.6.62 AS8391 Knipp Medien und Kommunikation GmbH Germany
MUSEUM nic.MUSEUM. 130.242.24.5 AS1653 SUNET Swedish University Network Sweden
MUSEUM anyc1.irondns.net. 195.253.64.4 AS50611 Knipp Medien und Kommunikation GmbH Germany
MUSEUM ns.icann.org. 199.4.138.53 AS26710 ICANN DNS Operations Anycast United States
MUSEUM sns-pb.isc.org. 192.5.4.1 AS3557 Internet Systems Consortium, Inc. United States
NAME a6.nstld.com. 192.5.6.35 AS36621 VeriSign Global Registry Services United States
NAME c6.nstld.com. 192.26.92.35 AS36619 VeriSign Global Registry Services United States
NAME d6.nstld.com. 192.31.80.35 AS36617 VeriSign Global Registry Services United States
NAME f6.nstld.com. 192.35.51.35 AS36620 VeriSign Global Registry Services United States
NAME g6.nstld.com. 192.42.93.35 AS36624 VeriSign Global Registry Services United States
NAME h6.nstld.com. 192.54.112.35 AS36623 VeriSign Global Registry Services United States
NAME j6.nstld.com. 192.48.79.35 AS36626 VeriSign Global Registry Services United States
NAME k6.nstld.com. 192.52.178.35 AS36622 VeriSign Global Registry Services United States
NAME l6.nstld.com. 192.41.162.35 AS36628 VeriSign Global Registry Services United States
NAME m6.nstld.com. 192.55.83.35 AS36618 VeriSign Global Registry Services United States
NET a.gtld-servers.NET. 192.5.6.30 AS36621 VeriSign Global Registry Services United States
NET b.gtld-servers.NET. 192.33.14.30 AS26415 Verisign United States
NET c.gtld-servers.NET. 192.26.92.30 AS36619 VeriSign Global Registry Services United States
NET d.gtld-servers.NET. 192.31.80.30 AS36617 VeriSign Global Registry Services United States
NET e.gtld-servers.NET. 192.12.94.30 AS36625 VeriSign Global Registry Services United States
NET f.gtld-servers.NET. 192.35.51.30 AS36620 VeriSign Global Registry Services United States
NET g.gtld-servers.NET. 192.42.93.30 AS36624 VeriSign Global Registry Services United States
NET h.gtld-servers.NET. 192.54.112.30 AS36623 VeriSign Global Registry Services United States
NET i.gtld-servers.NET. 192.43.172.30 AS36631 VeriSign Global Registry Services United States
NET j.gtld-servers.NET. 192.48.79.30 AS36626 VeriSign Global Registry Services United States
NET k.gtld-servers.NET. 192.52.178.30 AS36622 VeriSign Global Registry Services United States
NET l.gtld-servers.NET. 192.41.162.30 AS36628 VeriSign Global Registry Services United States
NET m.gtld-servers.NET. 192.55.83.30 AS36618 VeriSign Global Registry Services United States
ORG a0.org.afilias-nst.info. 199.19.56.1 AS12041 Afilias Limited Canada
ORG a2.org.afilias-nst.info. 199.249.112.1 AS42 PCH PCH Canada
ORG c0.org.afilias-nst.info. 199.19.53.1 AS12041 Afilias Limited Canada
ORG b0.org.afilias-nst.ORG. 199.19.54.1 AS12041 Afilias Limited Canada
ORG b2.org.afilias-nst.ORG. 199.249.120.1 AS42 PCH PCH Canada
ORG d0.org.afilias-nst.ORG. 199.19.57.1 AS12041 Afilias Limited Canada
POST a0.post.afilias-nst.info. 65.22.0.1 AS12041 Afilias Limited Canada
POST a2.post.afilias-nst.info. 65.22.4.1 AS42 PCH PCH Canada
POST c0.post.afilias-nst.info. 65.22.2.1 AS12041 Afilias Limited Canada
POST b0.post.afilias-nst.org. 65.22.1.1 AS12041 Afilias Limited Canada
POST b2.post.afilias-nst.org. 65.22.5.1 AS42 PCH PCH Canada
POST d0.post.afilias-nst.org. 65.22.3.1 AS12041 Afilias Limited Canada
PRO a0.pro.afilias-nst.info. 199.182.0.1 AS12041 Afilias Limited Canada
PRO a2.pro.afilias-nst.info. 199.182.32.1 AS42 PCH PCH Canada
PRO c0.pro.afilias-nst.info. 199.182.16.1 AS12041 Afilias Limited Canada
PRO b0.pro.afilias-nst.org. 199.182.1.1 AS12041 Afilias Limited Canada
PRO b2.pro.afilias-nst.org. 199.182.40.1 AS42 PCH PCH Canada
PRO d0.pro.afilias-nst.org. 199.182.17.1 AS12041 Afilias Limited Canada
TEL a.dns.nic.TEL. 194.146.106.38 AS8674 NETNOD Internet Exchange i Sverige AB Sweden
TEL b.dns.nic.TEL. 192.36.144.116 AS8674 NETNOD Internet Exchange i Sverige AB Sweden
TEL c.dns.nic.TEL. 204.74.112.1 AS12008 NeuStar, Inc. United States
TEL d.dns.nic.TEL. 204.74.113.1 AS12008 NeuStar, Inc. United States
TEL e.dns.nic.TEL. 199.7.66.1 AS12008 NeuStar, Inc. United States
TEL f.dns.nic.TEL. 199.7.67.1 AS12008 NeuStar, Inc. United States
TEL g.dns.nic.TEL. 192.100.59.11 AS12008 NeuStar, Inc. United States
TEL h.dns.nic.TEL. 198.133.199.11 AS12008 NeuStar, Inc. United States
TRAVEL a.gtld.TRAVEL. 156.154.100.1 AS12008 NeuStar, Inc. United States
TRAVEL b.gtld.TRAVEL. 156.154.101.1 AS12008 NeuStar, Inc. United States
TRAVEL c.gtld.TRAVEL. 156.154.102.1 AS12008 NeuStar, Inc. United States
TRAVEL d.gtld.TRAVEL. 156.154.103.1 AS12008 NeuStar, Inc. United States
TRAVEL e.gtld.TRAVEL. 156.154.104.1 AS12008 NeuStar, Inc. United States
TRAVEL f.gtld.TRAVEL. 156.154.105.1 AS12008 NeuStar, Inc. United States
XXX a0.xxx.afilias-nst.info. 199.115.152.1 AS12041 Afilias Limited Canada
XXX a2.xxx.afilias-nst.info. 199.115.156.1 AS42 PCH PCH Canada
XXX c0.xxx.afilias-nst.info. 199.115.154.1 AS12041 Afilias Limited Canada
XXX b0.xxx.afilias-nst.org. 199.115.153.1 AS12041 Afilias Limited Canada
XXX b2.xxx.afilias-nst.org. 199.115.157.1 AS42 PCH PCH Canada
XXX d0.xxx.afilias-nst.org. 199.115.155.1 AS12041 Afilias Limited Canada


Scroll back up and look at the .COM hosters. All Verisign. All hosted in the USA. It also seems that Verisign controls all the Jobs! ;)

Country Code Top Level domains:


These TLDs are hosted basically all over the place. Most countries have their own nic/noc/dns .ccTLD organisation that takes care of most of the hosting.

I've put the raw text in pastebin as it is just too large!

http://pastebin.com/Pbx2T5pd

Top 25 counties running ccTLD name servers:

    347  United States
    100  Netherlands
     83  United Kingdom
     66  Canada
     63  Sweden
     46  France
     22  Australia
     20  Germany
     17  New Zealand
     17  Brazil
     17  Austria
     16  Mauritius
     16  Japan
     14  Switzerland
     13  Taiwan
     13  Mexico
     12  South Africa
     12  Russian Federation
     11  Turkey
      9  Italy
      9  Hong Kong
      9  Denmark
      8  Norway
      8  Czech Republic
      7  Korea, Republic of


Verisign

The .NET and .COM name servers are all hosted in Verisign IP space. I was surprised by this as I, up until now only associated Verisign with the Certificate Business. (which has been sold to Symantec. TIL! ) Verisign is also responsible for two of the root servers.

Versign presence as NS in TLD's:
     13 NET
     13 COM
     10 NAME
      7 TV
      7 JOBS
      7 CC
      6 EDU
      2 GOV
      2 .
      1 ARPA



"""We provide the routing support for more than 121 million domain names ending with .com, .net, .tv, .name, .cc, .edu and .jobs—up to 77 billion DNS queries a day. More than half (56%) of the world's DNS hosts rely on the Verisign .net and .com infrastructure.""" --http://www.verisigninc.com/en_US/products-and-services/domain-name-services/index.xhtml

Impressive!!

With and without the USA:

So how much of the internet would still function if I would block any of the US TLD Name Servers?

Total TLDs: 274
US presence in: 180 TLDs.
TLDs left when blocking all US Name servers:  251

So what are these TLD's that we would lose when blocking all US based name servers?

These 23 TLDs have all their Name Servers in the US.

AS
BIZ
CC
CO
COM
COOP
CX
EDU
FM
GOV
JOBS
KY
MH
MIL
NAME
NET
NF
SB
SO
TL
TRAVEL
TV
US

The bold TLDs are the ones I as a non US citizen see the most frequent.

Conclusion:


It is very interesting to see the distribution in which countries run what DNS server. As running these servers gives you both control and insight in what is being requested.

It has been said that the US controls most of the Internets Infrastructure, and that is mainly because most of the 'Internet'/Tech companies HQ's are located in the US. Think Google, Facebook, Microsoft etc. Though still most of the TLDs would work without the presence of US based servers Just that those two / three important ones would be missing is a bit of a shame ... Com, Net and Org.

Overall the top 30 countries running DNS services are:

    433  United States
    114  Canada
    102  Netherlands
     86  United Kingdom
     67  Sweden
     46  France
     26  Germany
     22  Australia
     17  New Zealand
     17  Japan
     17  Brazil
     17  Austria
     16  Switzerland
     16  Mauritius
     13  Taiwan
     13  Mexico
     12  South Africa
     12  Russian Federation
     11  Turkey
      9  Italy
      9  Hong Kong
      9  Denmark
      8  Norway
      8  Czech Republic
      7  Spain
      7  Korea, Republic of
      7  Chile
      6  Thailand
      6  Sri Lanka
      6  Slovakia



No comments:

Post a Comment