Get TLD DNS server ip address

Question

We know that the way DNS works is to recursively retrieve suffice of the domain. For example www.google.com, it retrieves the name server of com and get its ip address, and use this name server to retrive google.com, ...

Retrieving the ip addresses of the name servers are a critical part of this process. Here is the result if we dig google.com

; <<>> DiG 9.6.0-APPLE-P2 <<>> google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64727 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION: ;google.com. IN A

;; ANSWER SECTION: google.com. 62 IN A 173.194.33.2 google.com. 62 IN A 173.194.33.8 google.com. 62 IN A 173.194.33.14 google.com. 62 IN A 173.194.33.5 google.com. 62 IN A 173.194.33.4 google.com. 62 IN A 173.194.33.6 google.com. 62 IN A 173.194.33.0 google.com. 62 IN A 173.194.33.1 google.com. 62 IN A 173.194.33.7 google.com. 62 IN A 173.194.33.3 google.com. 62 IN A 173.194.33.9

;; AUTHORITY SECTION: google.com. 69970 IN NS ns3.google.com. google.com. 69970 IN NS ns1.google.com. google.com. 69970 IN NS ns2.google.com. google.com. 69970 IN NS ns4.google.com.

;; ADDITIONAL SECTION: ns4.google.com. 69970 IN A 216.239.38.10 ns3.google.com. 69970 IN A 216.239.36.10 ns1.google.com. 69970 IN A 216.239.32.10 ns2.google.com. 257354 IN A 216.239.34.10

;; Query time: 9 msec ;; SERVER: ..*.#53(.*..) ;; WHEN: Wed May 22 16:03:09 2013 ;; MSG SIZE rcvd: 340

We can see that the ip address is included in the ADDITIONAL SECTION. But if we dig com, we got the following:

; <<>> DiG 9.6.0-APPLE-P2 <<>> com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50809 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION: ;com. IN A

;; AUTHORITY SECTION: com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. > 1369263918 1800 900 604800 86400

;; Query time: 17 msec ;; SERVER: ..*.#53(.*..) ;; WHEN: Wed May 22 16:05:48 2013 ;; MSG SIZE rcvd: 94

It shows nothing about the IP address of the name server for com. So my question is how do the resolvers know the IP addresses of the TLD name servers (e.g., com)?

Answer 1

Quick answer: you asked for A records for the TLD com, and got no answers. That's normal, because com has no A records! Notice, in this excerpt of your output, the type is A:

;; QUESTION SECTION: 
;com. IN A

That being said, recursive resolvers find out the addresses of the TLD nameservers the same way they find out the addresses of any other server:

• They may resolve them directly as names in their own right. For example, one of the namservers for com is a.gtld-servers.net. That name can be resolved in the normal way (through the root and net and gtld-servers.net.
• They might be provided as additional records (records in the additional section) together with the answers to other queries. This is especially important when there is a bootstrapping problem (e.g. the nameserver for example.com is ns.example.com which obviously cannot be resolved unless you already know a nameserver for example.com).

Answer 2

So my question is how do the resolvers know the IP addresses of the TLD name servers (e.g., com)

The resolver servers need to load the 'hints' (root name servers). These are typically added to the configuration somewhere.

There is a list online here: https://www.iana.org/domains/root/servers