Everything You Need to Know About DNS with DNS Record Types, Working and Uses

Understanding What is DNS?

Let’s start with a simple example. When you want to call your friend, do you dial their phone number directly, or do you search for their name in your phone's contact list? Chances are, you remember their name, not their number.

Now, imagine if you had to memorize the phone numbers of all your contacts. You might remember a few, maybe 5 to 10 if you're really good, but what about the rest? That’s why we rely on names in our contacts instead of memorizing numbers.

Now, let’s take another scenario. Your friend invites you to their wedding at the Royal Taj Hotel Palace and gives you its location using longitude and latitude coordinates like this: (26°54'43.6464" N, 75°47'8.232" E). Would you be able to find the place? Probably not. Instead, what if they just told you the address: Jai Mahal Palace, Jacob Rd, near Bharat Petroleum, Civil Lines, Jaipur, Rajasthan?

That’s much easier, right?

This is exactly how DNS works for the internet. DNS, which stands for Domain Name System, is like the phonebook of the internet. Computers and servers communicate using IP addresses, which are a series of numbers (like 192.168.1.1). But as humans, we can’t remember the IP address of every website we visit—there are just too many!

So instead of typing an IP address to visit a website, we use domain names like google.com or youtube.com. These domain names are easy for us to remember. But since computers understand only IP addresses, we need a system to translate these names into something computers can work with.

That’s where DNS comes in. The Domain Name System acts as a translator, converting the domain name you type into your browser into the corresponding IP address of the website. Just like how your phone contacts link a name to a phone number, DNS links a domain name to its IP address.

In short, DNS makes it possible for you to explore the internet without memorizing a single IP address. Simple, right? 😊

How does DNS work?

The DNS resolution process is responsible for translating a human-friendly domain name (like www.google.com) into a computer-readable IP address (such as 192.168.1.1). When a user wants to access a webpage, the browser must convert the text-based domain name (google.com) into a numeric IP address that identifies the server hosting the website.

Browsers perform this translation automatically in the background. Users need to do nothing beyond typing the domain name into their browser.

The DNS resolution process involves four key servers that work together to retrieve the correct IP address for the client. These servers are:

  1. DNS Resolver (or Recursor)

  2. Root Nameservers

  3. TLD Nameservers (Top-Level Domain)

  4. Authoritative Nameservers

The 5 Step Process of DNS Resolution:

The process of DNS resolution involves five key steps, with four critical servers working together to retrieve the correct IP address for the client (browser):


Step 1: Request to DNS Resolver (Client’s Local DNS Server)

  • The browser (client) sends a request to its local DNS server, also known as the DNS Resolver.

  • Example: The client requests the IP address for google.com.

  • Role of the DNS Resolver:
    The resolver acts as the intermediary, initiating the process to find the IP address for the requested domain by interacting with other DNS servers.


Step 2: Query to Root Nameserver

  • The DNS Resolver routes the query to the nearest Root Nameserver.

  • Root servers are the first step in the DNS hierarchy, and there are 13 root servers globally, managed by organizations such as NASA, the US Army, etc.

  • Role of Root Nameservers:
    Root servers don’t store the exact IP address of the requested domain. Instead, they guide the resolver to the appropriate Top-Level Domain (TLD) Nameserver based on the domain’s extension (e.g., .com, .org, .in).

    • Example: For google.com, the root server will return the IP addresses of the .com TLD servers.

Step 3: Query to TLD Nameserver (Top-Level Domain)

  • The DNS Resolver then sends a request to the relevant TLD Nameserver (e.g., .com, .org).

  • Role of TLD Nameservers:
    TLD servers don’t know the exact IP address of the domain either. Instead, they store information about Authoritative Nameservers for domains within their TLD.

    • Example: For google.com, the .com TLD server might return the IP address of the Authoritative Nameserver managed by Google.

Step 4: Query to Authoritative Nameserver (ANS)

  • The DNS Resolver queries the Authoritative Nameserver for the domain.

  • Role of Authoritative Nameservers:
    These servers store the DNS Records for the specific domain. For example, the authoritative nameserver for google.com will return its corresponding IP address (e.g., 142.250.190.14).

    • DNS records that may be retrieved include: A Record (Address Record), AAAA Record, CNAME Record, etc.

Step 5: Response Back to the Client (Browser)

  • The DNS Resolver receives the IP address from the Authoritative Nameserver and sends it back to the client (browser).

  • The browser can now use this IP address to establish a connection to the web server and load the requested webpage.
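The five steps above can be traced in a small offline simulation. This is an added example, not code from the original article: the server names, the zone data and the 192.0.2.10 address are constructed for illustration, and the alias handling goes slightly beyond the steps by also following a CNAME answer back through the hierarchy.

```python
# Constructed zone data for illustration; server names and addresses are made up
# (192.0.2.0/24 is a documentation range), not real root, TLD or Google servers.
ROOT = "root-server"
SERVERS = {
    "root-server": {"referrals": {"com.": "com-tld-server"}},
    "com-tld-server": {"referrals": {"example.com.": "ns1.example.com"}},
    "ns1.example.com": {"records": {
        ("example.com.", "A"): ["192.0.2.10"],
        ("blog.example.com.", "CNAME"): ["example.com."],
    }},
}


def query(server, name, rtype):
    """Ask one server one question: an answer, a referral, or nothing."""
    data = SERVERS[server]
    records = data.get("records", {})
    if (name, rtype) in records:
        return ("answer", rtype, records[(name, rtype)])
    if (name, "CNAME") in records:          # alias: caller must chase the target
        return ("answer", "CNAME", records[(name, "CNAME")])
    # Otherwise refer the resolver to the most specific zone this server knows.
    zones = [z for z in data.get("referrals", {})
             if name == z or name.endswith("." + z)]
    if zones:
        return ("referral", data["referrals"][max(zones, key=len)])
    return ("nxdomain",)


def resolve(name, rtype="A", max_queries=12):
    """Resolver role (steps 1-5): start at the root and follow referrals."""
    server, trace = ROOT, []
    for _ in range(max_queries):            # cap guards against referral/CNAME loops
        result = query(server, name, rtype)
        trace.append((server, name, result[0]))
        if result[0] == "referral":
            server = result[1]              # step 2 -> 3 -> 4
        elif result[0] == "answer" and result[1] == "CNAME" and rtype != "CNAME":
            name, server = result[2][0], ROOT   # restart for the canonical name
        elif result[0] == "answer":
            return result[2], trace         # step 5: hand the address back
        else:
            return [], trace
    raise RuntimeError("query limit reached: referral or CNAME loop")


if __name__ == "__main__":
    addresses, trace = resolve("blog.example.com.")
    for hop in trace:
        print(hop)
    print(addresses)
```

The query cap matters in practice: a resolver that follows referrals or aliases without a limit can be kept busy indefinitely by a misconfigured or hostile zone.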


What is a DNS Record?

DNS records, also known as zone files, are the information stored in an authoritative nameserver that helps the internet understand how to find and manage a domain. They tell which IP address is linked to the domain and provide instructions on how to handle requests for that domain.

How It Works in an Authoritative Nameserver (ANS):

  1. When a query reaches the authoritative nameserver, it checks its stored DNS records.

  2. These records contain details like the domain’s IP address or where to route emails.

  3. The ANS processes the query and sends back the relevant information (e.g., the IP address) to the DNS resolver.

Most Common Types of DNS Records:

1. A Record (Address Record)

The A record maps a domain name (like example.com) to an IPv4 address (e.g., 192.168.1.1). It tells the internet where to find the server hosting the website.

  • Example: When you type google.com, the A record points to 142.250.190.14, which is the server’s address.

  • google.com → 142.250.190.14

A records only hold IPv4 addresses. If a website has an IPv6 address, it will instead use an "AAAA" record.


2. AAAA Record (IPv6 Address Record)

This is similar to the A record but is used for IPv6 addresses instead of IPv4. IPv6 addresses look like this: 2001:0db8:85a3:0000:0000:8a2e:0370:7334.

  • Example: When google.com uses IPv6, the AAAA record could point to an address like 2404:6800:4003:c03::8a.

  • google.com → 2607:f8b0:4005:802::200e

💡
IPv6 is the newest version of the Internet Protocol (IP). A key difference between IPv6 and IPv4 is the length of their addresses. IPv6 addresses are much longer than IPv4 addresses. Since the world is running out of IPv4 addresses (similar to running out of phone numbers in an area), IPv6 provides a solution by offering a much larger number of address combinations, making it capable of supporting far more devices.

3. CNAME Record (Canonical Name Record)

A CNAME record links one domain (or subdomain) to another domain, instead of pointing directly to an IP address. It’s used when a domain is an alias of another domain. Unlike A records, CNAME records must always point to another domain, not to an IP address.

This setup is handy for managing subdomains (like blog.google.com or shop.google.com) since updating the IP address for google.com automatically updates all subdomains with a CNAME record.

Here is how it works behind the scenes in the DNS system when you type blog.google.com into your browser:

  1. The DNS lookup first checks for blog.google.com and finds the CNAME record pointing to google.com.

  2. The browser fetches the IP address of google.com (e.g., 142.250.190.14) and connects to that server.

  3. However, the browser still keeps the original blog.google.com URL in the address bar.

The web server hosting the site (at 142.250.190.14) then serves content specifically for blog.google.com. The CNAME just ensures that both domains (e.g., blog.google.com and google.com) can share the same IP address, but the content delivered depends on the URL you entered.


4. MX Record (Mail Exchange Record)

An MX record is used to route emails to the correct mail server for a domain. It tells email systems where to deliver messages sent to an address like . Here’s what happens:

  1. When you send an email (e.g., ) from your email app (like Gmail or Outlook), your email app needs to know where to send that message.

  2. It checks the MX record for the recipient's domain (in this case, gmail.com) to find the mail server that handles emails for gmail.com.

  3. The email is then sent to that mail server, which delivers it to the recipient’s inbox.

So, MX records work "behind the scenes" to route emails to the right mail server. You don’t see or interact with them directly—they’re part of how email systems communicate. Each MX record has a priority value, and the server with the lowest priority number is tried first. If that server isn’t available, the next one is tried.

  • Example: For the domain example.com, the MX records could look like this:

  • Priority: 10 → mailserver1.example.com

  • Priority: 20 → mailserver2.example.com

If mailserver1.example.com is down, the email will automatically be sent to mailserver2.example.com as a backup.


5. TXT Record (Text Record)

A TXT record is a type of record in DNS that allows domain owners to store text-based information. This text can be used for a variety of purposes, such as adding security data or providing notes that other systems can use.

Here’s a simple example to explain it:

  • Example: Let's say you have a website called example.com. You might want to add a TXT record with a simple message like:

  • example.com → "Welcome to my website! This is not spam."

#How Do TXT Records Work?

  • The text inside a TXT record is usually wrapped in quotation marks.

  • A domain can have multiple TXT records, each used for different purposes (e.g., one for email security, one for domain verification).

  • The text can be anything, from simple messages to complex security instructions. They can store any text but are limited in size.

  • Example: A TXT record for security might look like this:

  • example.com → "v=spf1 include:_spf.google.com ~all"

#What Are TXT Records Used For?

  1. Email Security: TXT records are often used to help secure emails and prevent spam or fraudulent emails. For example, TXT records can include instructions for email servers to check if an email really came from the owner of the domain. This helps stop fake emails that pretend to come from your domain.

    Example of email security: If you want to ensure that only Google’s servers can send emails on behalf of example.com, a TXT record might look like this:

    example.com → "v=spf1 include:_spf.google.com ~all"

    This is called an SPF (Sender Policy Framework) record. It tells email providers to only accept emails from servers authorized by google.com and not anyone else. If someone tries to send an email pretending to be from example.com (spoofing), this record helps prevent it from being delivered.

  2. Domain Verification: TXT records can be used to prove you own a domain. For example, when you set up services like Google Search Console or apply for an SSL certificate, they might ask you to add a TXT record to your domain’s DNS settings. This confirms that you are the rightful owner of the domain.

    For example, Google might ask you to add a TXT record like:

    example.com → "google-site-verification=abc123xyz"
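The SPF record shown under Email Security ends in `~all`, and that leading character decides how strictly unlisted senders are treated. The following added example (not part of the original article) parses the TXT values from this page and flags common SPF weaknesses; the finding labels such as `weak-all` are names chosen here, and the function takes the TXT strings without their surrounding quotes.

```python
import re

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MODIFIER = re.compile(r"^[A-Za-z][A-Za-z0-9_.-]*=")   # e.g. redirect=, exp=


def parse_spf(txt):
    """Return [(result, mechanism, value)] for an SPF record, else None."""
    parts = txt.split()
    if not parts or parts[0].lower() != "v=spf1":
        return None
    terms = []
    for term in parts[1:]:
        if MODIFIER.match(term):
            name, _, value = term.partition("=")
            terms.append(("modifier", name.lower(), value))
            continue
        qualifier = "+"                      # no prefix means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mechanism, _, value = term.partition(":")
        terms.append((QUALIFIERS[qualifier], mechanism.lower(), value))
    return terms


def audit_spf(txt_records):
    """Flag SPF weaknesses in the TXT records published at one domain."""
    policies = [p for p in map(parse_spf, txt_records) if p is not None]
    if not policies:
        return ["no-spf: receivers have no sender policy for this domain"]
    findings = []
    if len(policies) > 1:
        findings.append("multiple-spf: more than one v=spf1 record is a permanent error")
    for terms in policies:
        catch_all = [res for res, mech, _ in terms
                     if mech == "all" and res != "modifier"]
        redirect = any(res == "modifier" and mech == "redirect"
                       for res, mech, _ in terms)
        if not catch_all and not redirect:
            findings.append("no-all: unlisted senders evaluate to neutral")
        elif catch_all and catch_all[0] == "pass":
            findings.append("pass-all: +all authorizes every sender")
        elif catch_all and catch_all[0] in ("softfail", "neutral"):
            findings.append(f"weak-all: unlisted senders only get {catch_all[0]}; "
                            "-all asks receivers to treat them as fail")
    return findings


# Constructed input: the two TXT values shown in this article.
PAGE_TXT = ["v=spf1 include:_spf.google.com ~all",
            "google-site-verification=abc123xyz"]

if __name__ == "__main__":
    print(audit_spf(PAGE_TXT))
```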


6. NS Record (Nameserver Record)

An NS record (Nameserver Record) tells the internet where to go to find the DNS records for a particular domain. It points to the nameservers (DNS servers) that manage the domain's settings, such as IP addresses and mail servers. The NS record is essential because it makes sure users can access a website by knowing where to get the necessary DNS information.

#How Does an NS Record Work?

When you type a website name like google.com into your browser, the NS record helps the internet know where to look for the IP address that points to Google's servers. Without proper NS records, websites won't load because there would be no way to get the correct information.

#Why Do You Need NS Records?

  1. Directing Traffic: NS records tell browsers and email systems where to find your domain's DNS records, like IP addresses and mail servers. Without them, nobody can reach your website or send emails to your domain.

  2. Multiple Nameservers: Domains usually have multiple NS records to ensure there is a backup nameserver in case the primary one is unavailable. For example, you might have:

    example.com → ns1.exampleserver.com
    example.com → ns2.exampleserver.com

    If ns1.exampleserver.com goes down, the system will check ns2.exampleserver.com for the DNS records.


7. SOA Record (Start of Authority Record)

The SOA record provides essential information about a domain's DNS zone. The SOA record keeps DNS systems organized and up-to-date, ensuring users are directed to the correct servers and administrators can manage their domains effectively.

It includes details like the primary nameserver, the administrator's email, and timing information for zone updates. Every DNS zone must have one SOA record to function properly.

💡
A DNS zone is like the address book for a domain. It tells the internet where to find services (website, email, etc.) related to that domain. It contains information such as where the website is hosted (A records), where emails should be delivered (MX records), and other details.

#What Does the SOA Record Do?

  • It identifies the primary nameserver for the domain.

    💡
    The Primary Nameserver is the main server that holds the original data for a domain (e.g., example.com). Example: ns1.primaryserver.com
  • It helps secondary nameservers know when to update their DNS records.

    💡
    The Secondary nameservers are backup servers that get a copy of the DNS zone from the primary nameserver. If the primary nameserver goes down or is unreachable, the secondary nameservers step in to serve the DNS records. They periodically check with the primary nameserver to see if anything has changed. If changes are detected, they update their copy. Example: ns2.secondaryserver.com
  • It contains the administrator's email address for domain management.

  • It defines timing settings for how often updates should occur.

#Example:

For the domain example.com, the SOA record might look like this:

  • Name: example.com
  • Type: SOA
  • MNAME (Primary Server): ns1.primaryserver.com
  • RNAME (Admin Email): admin.example.com
  • SERIAL: 2025012501
  • REFRESH: 86400
  • RETRY: 7200
  • EXPIRE: 4000000
  • TTL: 3600

#What Do These Fields Mean?

  • MNAME: The primary nameserver for the domain (e.g., ns1.primaryserver.com).

  • RNAME: The administrator’s email address (e.g., admin@example.com). In SOA, the @ symbol is replaced by a dot (.).

  • SERIAL: A version number that updates whenever DNS records change. Secondary servers use this to know if they need to refresh their data.

  • REFRESH: How often (in seconds) secondary servers should check the primary server for updates (e.g., 86400 = every 24 hours).

  • RETRY: If the primary server doesn't respond, how long the secondary server should wait before retrying (e.g., 7200 = 2 hours).

  • EXPIRE: If no updates are received from the primary server within this time (e.g., 4000000 = ~46 days), secondary servers stop serving the zone data.

  • TTL (Time-To-Live): How long the record is cached by other DNS servers (e.g., 3600 = 1 hour).


#How Does the SOA Record Work?

  • When DNS records are updated, the SERIAL number changes. Secondary nameservers see this and pull updated records from the primary nameserver.

  • The REFRESH and RETRY intervals ensure secondary servers stay updated with changes while preventing excessive requests that could overload the primary server.

  • If a secondary server can't connect to the primary for an extended period (EXPIRE time), it stops responding to queries to avoid serving outdated data.
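The way a secondary uses SERIAL, REFRESH, RETRY and EXPIRE can be written as a small decision function. This is an added example, not code from the original article: the function names and action labels are chosen here, and it goes beyond the text in two places, by comparing serials so that a wrapped 32-bit counter still counts as newer and by handling an escaped dot in the RNAME local part.

```python
import re
from dataclasses import dataclass


@dataclass
class SOA:
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    ttl: int


def parse_soa(rdata):
    """Parse SOA fields in the order MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL."""
    mname, rname, *numbers = rdata.split()
    return SOA(mname.rstrip("."), rname.rstrip("."), *map(int, numbers))


def admin_email(rname):
    """Turn RNAME back into an address: the first unescaped dot stands for '@'."""
    local, domain = re.match(r"((?:\\.|[^.\\])+)\.(.+)", rname).groups()
    return local.replace("\\.", ".") + "@" + domain


def serial_newer(primary, local):
    """32-bit serial comparison that still works when the counter wraps."""
    return primary != local and (primary - local) % 2**32 < 2**31


def secondary_next_step(soa, primary_serial, seconds_since_contact):
    """Decide what a secondary does after one check of the primary.

    primary_serial is None when the primary did not answer.
    Returns (action, seconds_to_wait).
    """
    if primary_serial is None:
        if seconds_since_contact >= soa.expire:
            return ("stop-serving-zone", soa.retry)   # data too old to trust
        return ("retry", soa.retry)
    if serial_newer(primary_serial, soa.serial):
        return ("transfer-zone", 0)
    return ("up-to-date", soa.refresh)


# The SOA values from this article's example.
PAGE_SOA = parse_soa("ns1.primaryserver.com admin.example.com "
                     "2025012501 86400 7200 4000000 3600")

if __name__ == "__main__":
    print(admin_email(PAGE_SOA.rname))
    print(secondary_next_step(PAGE_SOA, 2025012502, 100))
```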


8. PTR Record (Pointer Record)

A PTR record is used for reverse DNS lookups, which means it maps an IP address to a domain name. It's the opposite of an A record, which maps a domain name to an IP address.

When you visit a website, a regular DNS lookup happens where the system matches the domain name to the corresponding IP address. A reverse DNS lookup uses a PTR record to do the opposite as it starts with the IP address and looks up the associated domain name.

#How is a PTR record stored?

  • For IPv4: PTR records are stored under the reversed IP address, followed by the domain .in-addr.arpa.

  • For IPv6: The PTR record is stored under the reversed IPv6 address, divided into 4-bit sections, followed by the domain .ip6.arpa.

#Example of how a PTR Record works:

  • PTR Record Example: If you have the IP address 192.0.2.255, the reverse DNS lookup would return the domain name example.com if that is the associated domain.

    IP Address: 192.0.2.255

    PTR Record: 255.2.0.192.in-addr.arpa → example.com

#Why are PTR records used?

  1. Security and verification: They help verify that the IP address belongs to the domain.

  2. Email services: Many email servers check PTR records during the sending and receiving of emails to verify that the domain matches the IP address. This helps determine whether the associated IP is likely used by a legitimate email server and not for spam or malicious activities.
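A PTR record is published by whoever controls the IP address block, so a receiving mail server usually confirms it in the forward direction as well: the name from the PTR must itself resolve back to the connecting IP. The added example below (not from the original article) builds the reverse lookup name for IPv4 and IPv6 and runs that forward-confirmed check; the record tables and the 203.0.113.7 host are constructed, and the two lookup functions stand in for real DNS queries.

```python
import ipaddress


def reverse_name(ip):
    """Build the name under which the PTR record for this address is stored."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")      # 32 hex digits, 4 bits each
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def forward_confirmed(ip, ptr_lookup, addr_lookup):
    """Return the PTR names whose own address records point back to this IP."""
    addr = ipaddress.ip_address(ip)
    confirmed = []
    for name in ptr_lookup(reverse_name(ip)):
        name = name.rstrip(".").lower()
        forward = {ipaddress.ip_address(a) for a in addr_lookup(name)}
        if addr in forward:
            confirmed.append(name)
    return confirmed


# Constructed records using documentation addresses; not real DNS data.
PTR_RECORDS = {
    "255.2.0.192.in-addr.arpa": ["example.com."],
    "7.113.0.203.in-addr.arpa": ["example.com."],   # set by whoever runs this IP
}
ADDRESS_RECORDS = {"example.com": ["192.0.2.255"]}


def ptr_lookup(name):
    """Stand-in for a PTR query (hypothetical helper)."""
    return PTR_RECORDS.get(name, [])


def addr_lookup(name):
    """Stand-in for an A/AAAA query (hypothetical helper)."""
    return ADDRESS_RECORDS.get(name, [])


if __name__ == "__main__":
    for ip in ("192.0.2.255", "203.0.113.7"):
        print(ip, reverse_name(ip), forward_confirmed(ip, ptr_lookup, addr_lookup))
```

The second address has a PTR naming example.com, but example.com does not list that address, so the claim is not confirmed.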


9. SRV Record (Service Record)

An SRV record is used to specify the location of servers for specific services, such as VoIP (Voice over IP), instant messaging, or other network services. Unlike other DNS records that simply map a domain name to an IP address, SRV records provide additional information like the port number needed to access a particular service.

#How does an SRV record work?

An SRV record contains details about a service's server, including:

  • service: XMPP
  • proto: TCP
  • name: example.com
  • TTL: 86400
  • class: IN
  • type: SRV
  • priority: 10
  • weight: 5
  • port: 5223
  • target: server.example.com

#What do these Fields mean?

  • Service: The name of the service (e.g., XMPP for chat, SIP for VoIP).

  • Protocol: The transport protocol used (e.g., TCP or UDP).

  • Priority: Determines the order of servers to be used. Servers with lower priority values are preferred.

  • Weight: A relative weight for load balancing between servers with the same priority.

  • Port: The port number for the service.

  • Target: The server’s hostname where the service can be found.

#Example of an SRV record:

_xmpp._tcp.example.com. 86400 IN SRV 10 5 5223 server.example.com

This means that for the XMPP service (a protocol for instant messaging) using TCP, the server server.example.com should be contacted at port 5223. The priority is 10 and the weight is 5: clients try servers with lower priority values first, and the weight decides how traffic is shared among servers that have the same priority.

#Why are SRV records important?

  • Service Location: SRV records make it easier to locate servers for specific services, like email or VoIP, without needing to know their exact IP addresses.

  • Load Balancing: By using priority and weight, SRV records enable load balancing, allowing traffic to be distributed efficiently across multiple servers.

  • Protocol Specification: SRV records are essential for some Internet protocols (like IMAP, SIP, XMPP) to work properly, as they specify not just the server but also the protocol and port to be used.
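How priority and weight turn into a connection order is easiest to see in code. This added example (not part of the original article) parses the SRV line shown above and orders a record set the way a client would try it; server2.example.com and backup.example.com are hypothetical hosts constructed for the demonstration.

```python
import random


def parse_srv(line):
    """Parse one line: _service._proto.name TTL class SRV priority weight port target."""
    owner, ttl, rclass, rtype, priority, weight, port, target = line.split()
    if rtype.upper() != "SRV":
        raise ValueError("not an SRV record")
    service, proto, name = owner.rstrip(".").split(".", 2)
    return {"service": service.lstrip("_"), "proto": proto.lstrip("_"),
            "name": name, "ttl": int(ttl), "priority": int(priority),
            "weight": int(weight), "port": int(port), "target": target.rstrip(".")}


def connection_order(records, rng=random):
    """Order targets as a client tries them: lowest priority value first,
    weighted random choice among records that share a priority."""
    order = []
    for priority in sorted({r["priority"] for r in records}):
        group = sorted((r for r in records if r["priority"] == priority),
                       key=lambda r: r["weight"] != 0)   # weight 0 goes first
        while group:
            pick = rng.randint(0, sum(r["weight"] for r in group))
            running = 0
            for chosen in group:
                running += chosen["weight"]
                if running >= pick:
                    break
            group.remove(chosen)
            order.append((chosen["target"], chosen["port"]))
    return order


# The article's record plus two constructed siblings (hypothetical hosts).
SRV_LINES = [
    "_xmpp._tcp.example.com. 86400 IN SRV 10 5 5223 server.example.com",
    "_xmpp._tcp.example.com. 86400 IN SRV 10 1 5223 server2.example.com",
    "_xmpp._tcp.example.com. 86400 IN SRV 20 0 5223 backup.example.com",
]
SRV_RECORDS = [parse_srv(line) for line in SRV_LINES]

if __name__ == "__main__":
    print(connection_order(SRV_RECORDS))
```

With these records the priority-20 backup is always tried last, and server.example.com (weight 5) is tried first far more often than server2.example.com (weight 1).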


Bringing It All Together:

The Domain Name System (DNS) is the internet's phonebook, transforming human-readable domain names into machine-readable IP addresses. Through a five-step resolution process involving resolvers, root servers, TLD servers, and authoritative nameservers, DNS enables seamless web navigation. DNS record types such as A, AAAA, CNAME, MX and TXT serve specific functions, from routing emails to verifying domain ownership. Understanding DNS shows the smart and complex system that makes our online experiences easy and smooth.