Why There Are Exactly 13 DNS Root Servers

The internet's root DNS lookup is bounded by a 1987 packet-size decision. RFC 1035, written by Paul Mockapetris that November, capped UDP DNS responses at 512 bytes. The number was chosen so a reply could survive any link the early internet ran over without IP fragmentation, back when 576-byte MTUs were the safe assumption.

That cap is why there are exactly 13 root nameservers, A through M.

When a resolver bootstraps, it asks any root for the list of all roots — the priming response. Add up the wire format and a 13-server reply fits in about 436 bytes: 12 bytes of header, 5 for the question, the first NS record at full length, twelve more compressed NS records at 15 bytes each, then 13 IPv4 glue records at 16 bytes each. Each additional root would have added another 25 bytes of NS plus glue. Fourteen would have squeaked through; once IPv6 glue was needed, even thirteen blew the budget. The protocol froze at the integer it could afford.

The fix arrived in 1999. Paul Vixie's RFC 2671 introduced EDNS0, an extension that lets DNS advertise larger UDP buffers. EDNS made DNSSEC and IPv6 glue practical, and it could in principle have unlocked a 14th root letter. It didn't. Operators kept the labels and used anycast instead — every "letter" is now a virtual address served by hundreds of physical servers in different cities, all answering as if they were the same machine. The current count sits near 1,950 instances across the thirteen names.

The number 13 is a fossil. The constraint that produced it has been gone for a quarter century.