The authoritative name servers that serve the DNS root zone, commonly known as the “root servers”, consist of a network of hundreds of servers distributed across numerous countries worldwide. These 13 root name servers are managed by 12 independent organizations. Occasionally, the IPv4 and/or IPv6 addresses may change or new addresses might be added. Therefore, it is a good practice to update your DNS Server Root Hints periodically.
In this guide, the screenshots are based on a DNS Server running on an older version of Windows Server. However, the configuration process remains largely similar across different versions of Windows Server, from earlier releases to the current version of Windows. For the latest versions of Windows, such as Windows Server 2016 and Windows 10 and later, updating and scripting can be streamlined using PowerShell. More details on scripting are provided at the end of this post.
Step 1: Open DNS Manager
Start by launching the DNS Manager. You can access this tool through Administrative Tools or by running the dnsmgmt.msc command via the Run dialog.
Step 2: Access Server Properties
Right-click on your DNS server. In some network environments, multiple DNS servers may be listed. Select the server for which you want to update the Root Hints, then open the context menu and click on Properties.
Step 3: Update Root Hints
In the Properties window, navigate to the Root Hints tab. Click on the Copy from Server button.
Step 4: Copy Root Hints from Server
A new dialog will appear, prompting you to specify the IP address or DNS name of the server from which to copy the Root Hints. In the text field, enter one of the root servers’ DNS names, for example, a.root-servers.net.
You may notice that multiple IPv4 addresses are added and changed, and in some cases, additional IPv6 addresses are listed for servers like f.root-servers.net. After verifying the entries, click Apply and then OK to close the Properties window.
Automating the Process with PowerShell
If you prefer not to update Root Hints manually, modern versions of Windows Server and Windows can automate this task using PowerShell. You can create scripts to update the Root Hints and set up scheduled tasks to run these scripts periodically. For more information on scripting this process, refer to the Import-Dns
By keeping your Root Hints up to date, you ensure that your DNS server can efficiently resolve domain names, maintaining optimal network performance and reliability.