Where are the root DNS servers list?
-
Hi,
By default I understand that PFSense use root servers to resolve queries. Where is the list of these root servers?
Thank you. -
They are the root servers. If you don't know, they are [a-m].root-servers.net. You can also find them at https://www.internic.net/domain/named.cache or look them up automatically with the following command:
dig +bufsize=1200 +norec NS . @a.root-servers.net
Unbound uses its own compiled-in list which is generally the same as the above, but it can be replaced by a custom local copy.
-
when you say compiled-in, means you cannot find them in a config file right? it's baked into their code?
-
Yes, it's compiled in.
But you can see it by running:
unbound-control -c /var/unbound/unbound.conf lookup .
If you're in resolver mode (the default) that will show you the roots it is using. If you're in forwarding mode that will show the forwarding servers.
-
Unbound and other DNS forwarders/resolvers can use a separate file for root servers but since they change so rarely it's not worth it and the compiled-in list is sufficient.