Introduction
Hello everyone, we’re going to be talking about DNS records. n this blog we’re going to talk about the specifics of DNS records that you would find in a DNS server’s database.
What is DNS?
So as a refresher, DNS stands for domain name system. And the most basic job of DNS is to resolve domain names to IP addresses. And the reason it has to do this is because computers don’t understand names, they only understand numbers. A domain name is just a text that you type in a web browser when you want to go to a certain website such as example.com, google.com, yahoo.com, and so on.
How DNS Resolution Works
So when you type in a domain name such as example.com in a web browser, DNS will resolve that domain name into an IP address so you can retrieve the website. Now in a DNS hierarchy there are three main levels of servers. There are the root servers, the top level domain servers, and the authoritative name servers.
But of these three the DNS servers that are responsible for storing the DNS records for resolving domain names to IP addresses are the authoritative name servers because they are responsible for knowing everything about the domain name, including the IP addresses and much more. But in order for your query to resolve example.com into an IP address, it needs to know which name server to ask.
So in order to find the correct name server, the query must first go through the top of the DNS hierarchy which is the root server. And once it reaches the root server, the root server will look at example.com and will forward the query to the correct top level domain server. The top level domain server is responsible for information of top level domains, such as .com, .net, .org and so on. So in this case the root server will forward the query to the .com top level domain server because the top level domain for example.com is .com. And then the top level domain server will forward the query to the specific authoritative name server that’s responsible for the example.com domain. And once the query reaches the name server, example.com will be resolved to the IP address so the website can be retrieved.
DNS Records in the DNS Zone File
So in a DNS database you have what’s called a DNS zone file and this file contains the DNS records. Now there are numerous DNS records but I’m only going to talk about the most common ones.
A Record (Address Record)
So the first DNS record is the A record or address record. And this is the most common DNS record. This is what resolves a domain name to an IP address. To be specific it resolves to an IPv4 address which is a 32-bit numeric address.
So in the example we just did earlier, when you type in a domain name such as example.com in a web browser, the A record is what DNS uses to resolve a domain name to an IP address. And then we also have the TTL or time to live, this field tells us how long each record is valid until the next update.
AAAA Record (Quad A Record)
And then there’s also the quad A record. And this record is just like the A record. So both A and quad A records resolve domain names to IP addresses, but the difference is, is that quad A records resolve domain names to IPv6 addresses. An IPv6 address is 128-bit alphanumeric address that’s replacing the older IPv4 addresses.
CNAME Record (Canonical Name Record)
The next DNS record is called CNAME or canonical name. And what this does is that it resolves a domain or subdomain to another domain name. So basically it’s an alias for another domain name.
So as an example, computers read domain names from right to left and domain names will have several parts: a root domain, a top level domain, a second level domain, and a subdomain. So when we look at example.com there is also a hidden dot right after com even though it’s hidden and we don’t see it but that dot is the root domain. The .com is the top level domain and example is the second level domain.
But if there is an additional name to the left of a second level domain then that would be a subdomain. So for example www is a common subdomain, which is why it is common to create a CNAME record pointing www.example.com to example.com. Which is why when you type example.com or www.example.com in your web browser you’ll end up at the same example.com website because of that CNAME record.
Subdomains are also often used when a website has different services running on the same server and are using the same IP address. So as an example let’s say that example.com has an FTP service running on the same server as their website. So in this case they can create a subdomain such as ftp.example.com for their FTP service on the server and then they can create a CNAME record and have it directed to example.com. So now when users type in ftp.example.com in their web browser, DNS will look at the CNAME record and forward the users to example.com. Now even though it’s pointing to example.com but once the request reaches the web server, the web server will inspect the URL that the user has typed and direct it to its FTP service on the server.
So CNAME records are similar to A records but the difference is, is that A records resolve domain names to IP addresses while CNAMES resolve domain names to domain names.
MX Record (Mail Exchanger Record)
And the next DNS record is MX record or mail exchanger record. And this record is used for email. The MX record simply points to the server where emails should be delivered for that domain name. So for example when you send an email to Tom@example.com, your MTA or mail transfer agent will query the MX records for example.com because it’s looking for an email server. And then DNS will respond back telling the MTA which server to send the email to which in this case would be mail1.example.com because that’s what the MX record points to. So that’s basically what the MX record does, it tells the world which server to send email to for a particular domain name.
Now MX records will generally have two entries, a primary email server and a secondary email server along with priority numbers. The lower the priority number means that it’s the primary email server. But if the primary email server gets overwhelmed or goes down, then the secondary email server would be used.
SOA Record (Start of Authority Record)
And the next DNS record is called SOA which stands for start of authority. And what this does is that it stores administrative information about a DNS zone.
So what are DNS zones? Well a DNS zone is a section of a domain name space that a certain administrator has been delegated control over. DNS zones allow a domain namespace such as example.com to be divided into different sections. So if we look at the domain example.com, if this domain was broken down into three sections or subdomains such as shop.example.com, blog.example.com, and support.example.com, the head administrator could create DNS zones and delegate control over these subdomains to different administrators if he chooses to.
So let’s say that the shop and blog subdomains have only a few computers in each domain and the support subdomain has many computers. So since these two only have a small amount of computers, the head admin could create one zone for these two subdomains and assign an administrator to manage it. But since support has so many computers, the head administrator has created another separate zone just for the support subdomain and then he or she will assign another administrator to manage it.
So DNS zones are created for manageability purposes and each will have their own DNS zone file which contains an SOA record. So here is an example of an SOA record. So just to go over a few of these categories. The MNAME is the primary name server. The RNAME is the email address of the administrator for this zone, where this dot here represents the @ symbol in an email. And the serial number is a number that represents a version in the zone. So whenever an update happens in the zone, the serial number will change which tells the secondary servers to update as well.
NS Record (Name Server Record)
And the next record is the NS record which stands for name server. Now this record, just like its name says, provides the name of the authoritative name server within a domain. Now as I stated previously, the name server contains all the DNS records necessary for users to find a computer or server on a local network or on the Internet. It is a final authority in a DNS hierarchy. And an NS record would generally list two name servers: a primary and a secondary.
SRV Record (Service Record)
And the next DNS record is called SRV which stands for service record. Now the previous DNS records that we talked about will point to a server or an IP address. But a service record will point to a server and it’ll also point to a specific service by including a port number. So when an application needs to find the location of a service on a domain such as voice over IP, instant messaging, or a printer, it will look for a service record to see if there’s a listing for that specific service and it will direct it to the correct server and correct port number.
PTR Record (Pointer Record)
And then we have a PTR or pointer record. Now this record is basically the reverse of an A or a quad A record. So as you remember, A and quad A records resolve domain names to IP addresses but PTR records do the opposite, they resolve IP addresses to domain names. PTR records are attached to email and are used to prevent email spam.
So whenever an email is received, the email server uses the PTR record to make sure that the sender is authentic by matching the domain name in the email with its authentic IP address. This is what’s known as a reverse DNS lookup. But if an email that is sent does not match with its correct and authentic IP address, the email will be flagged as spam.
TXT Record (Text Record)
And our last record is the TXT or text. Now this record contains miscellaneous information about a domain such as general or contact information. These are also used to prevent email spam by making sure incoming email is coming from a trusted or authorized source.
