Where are the root DNS servers list?

kfkehua

Hi,
By default I understand that PFSense use root servers to resolve queries. Where is the list of these root servers?
Thank you.

jimp

They are the root servers. If you don't know, they are [a-m].root-servers.net. You can also find them at https://www.internic.net/domain/named.cache or look them up automatically with the following command:

dig +bufsize=1200 +norec NS . @a.root-servers.net

Unbound uses its own compiled-in list which is generally the same as the above, but it can be replaced by a custom local copy.

kfkehua

when you say compiled-in, means you cannot find them in a config file right? it's baked into their code?

jimp

Yes, it's compiled in.

But you can see it by running:

unbound-control -c /var/unbound/unbound.conf lookup .

If you're in resolver mode (the default) that will show you the roots it is using. If you're in forwarding mode that will show the forwarding servers.

kpa

Unbound and other DNS forwarders/resolvers can use a separate file for root servers but since they change so rarely it's not worth it and the compiled-in list is sufficient.