What are DNS records?
DNS (Domain Name System) records are what keep the internet working the way consumers expect, and new records are being added as our needs grow. They’re what makes a domain name such as ns1.com point to a webserver’s IP address like 220.127.116.11. We need the DNS system and its records to keep the internet functioning and connected. A, AAAA, CNAME, and TXT records are but a few of the types of records that can be used by your domains, but what do these do?
Common types of DNS records
A and AAAA Records
The most common DNS record used, the A record simply points a domain to an IPv4 address, such as 18.104.22.168. To set up an A record on your domain all you’ll need is an IP address to point it to.
A blank record (sometimes seen as the ‘@’ record) points your main domain to a server. You can also set subdomains to point to other IP addresses as well, if you run multiple webservers. Finally, a wildcard record, shown usually as ‘*’ or ‘*.yourdomain.com,’ acts as a catch-all record, redirecting every subdomain you haven’t defined elsewhere to an IP address.
AAAA records operate in exactly the same way as A records, except they point to an IPv6 address, which looks similar to FE80::0202:B3FF:FE1E:8329.
CNAME, DNAME, and ALIAS Records
DNS CNAME records are very commonly used to link a subdomain to a domain’s A or AAAA record, instead of making 2 A records. For example, you could link blog.example.com with a CNAME record to an A record set on example.com, and they would both point to the same server. Additionally, if you change the A record on example.com, all the CNAME records pointing to it would update to the new server. One limitation to CNAME records is that they can only be placed on subdomains, such as blog.example.com, but not the root domain, example.com.
DNAME records essentially make a CNAME record for every subdomain of a domain, and point it to another. For instance, a DNAME on domain.com pointed to example.com will link blog.domain.com to blog.example.com, www.domain.com to www.example.com, a.b.c.d.domain.com to a.b.c.d.example.com, and so on. It will not, however, link domain.com to example.com; you would need to use an A, AAAA, or ALIAS record for that purpose.
The ALIAS record is an NS1-specific record that works the same as the CNAME record does, except it can be placed on the root domain (example.com), not only subdomains. This allows you to link another domain you own, say domain.com to an A record on another domain such as example.com. Updating the A record on example.com will change where domain.com points to.
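The CNAME and DNAME behaviour described above, as an added example that is not part of the original page. The zone contents and the address 192.0.2.10 are constructed sample data, and the function names are hypothetical; the hop limit is an assumption added to stop alias loops.

```python
# Constructed sample zone: one A record, one CNAME, one DNAME.
ZONE = {
    "example.com": {"A": ["192.0.2.10"]},
    "blog.example.com": {"CNAME": "example.com"},
    "domain.com": {"DNAME": "example.com"},
}

def dname_rewrite(name, zone):
    """Rewrite name using the DNAME of its closest ancestor, if any.

    Only strict subdomains are rewritten: the loop starts at the parent,
    so a DNAME on the name itself (the apex case) never matches.
    """
    labels = name.split(".")
    for i in range(1, len(labels)):
        owner = ".".join(labels[i:])
        target = zone.get(owner, {}).get("DNAME")
        if target:
            return ".".join(labels[:i]) + "." + target
    return None

def resolve(name, zone, max_hops=8):
    """Follow CNAME and DNAME links; return (chain of names, A addresses)."""
    name = name.lower().rstrip(".")
    chain = [name]
    for _ in range(max_hops):
        records = zone.get(name, {})
        if "A" in records:
            return chain, records["A"]
        nxt = records.get("CNAME") or dname_rewrite(name, zone)
        if nxt is None:
            return chain, []          # nothing left to follow
        name = nxt
        chain.append(name)
    raise RuntimeError("alias chain too long (possible loop)")

if __name__ == "__main__":
    for query in ("blog.example.com", "blog.domain.com", "domain.com"):
        print(query, "->", resolve(query, ZONE))
```
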
AFSDB records are used to connect domain names to AFS servers. AFS is a network filesystem similar to NFS, but better suited to the latency of wide-area networks like the internet, and it caches files locally. The AFSDB record is key to this operation because it provides the location of the file database.
Note: This record is experimental and not recognized by all services, and not all nameservers recognize or implement it. Additionally, it is being deprecated in favor of the SRV record in the future.
A CAA record is a special type of DNS record (think TXT or CERT) that allows domain owners to authorize specific third-party vendors to issue SSL certificates on behalf of their domains. This requires CAs to check for the presence of a CAA record and, if one is found, verify that they are authorized prior to issuing certificates for this domain. If a CAA record is not present, the CA can issue a certificate for the domain.
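The check a CA performs before issuing, as an added example that is not part of the original page. It goes slightly beyond the paragraph above by also climbing from the requested name toward the root to find the closest CAA record set and by honouring the critical flag; the zone data, CA names and function names are constructed for illustration, and only the issue property is evaluated (issuewild for wildcard names is out of scope).

```python
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

# Constructed sample data: name -> list of (flags, tag, value) CAA records.
SAMPLE_CAA = {
    "example.com": [
        (0, "issue", "ca.example.net"),
        (0, "iodef", "mailto:security@example.com"),
    ],
    "internal.example.com": [(0, "issue", ";")],   # ";" means no CA may issue
}

def relevant_caa(name, zone):
    """Return the first non-empty CAA set found walking from name to the root."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]))
        if rrset:
            return rrset
    return []

def ca_may_issue(name, ca_domain, zone):
    """Decide whether the CA identified by ca_domain may issue for name."""
    rrset = relevant_caa(name, zone)
    # A critical (128) record with a tag the CA does not understand blocks issuance.
    if any(flags & 128 and tag.lower() not in KNOWN_TAGS
           for flags, tag, _ in rrset):
        return False
    # Parameters after ";" in an issue value are ignored for the comparison.
    issuers = [value.split(";", 1)[0].strip().lower()
               for _, tag, value in rrset if tag.lower() == "issue"]
    if not issuers:
        return True        # no CAA set, or no issue property: unrestricted
    return ca_domain.lower() in issuers

if __name__ == "__main__":
    for host, ca in [("www.example.com", "ca.example.net"),
                     ("www.example.com", "other-ca.example"),
                     ("host.internal.example.com", "ca.example.net"),
                     ("example.org", "other-ca.example")]:
        print(host, ca, ca_may_issue(host, ca, SAMPLE_CAA))
```
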
CERT resource records are used for storing certificates in DNS. Part of encrypting sensitive content involves verifying the authenticity of the sending and receiving parties. DNS CERT records store and provide that information.
HINFO Records simply define the specifications and operating system of the computer behind an email. For instance, if example.com was running Ubuntu 16.04 with a 3.2 GHz Intel CPU, you could enter “PC-Intel-3200mhz” and “Ubuntu 16.04” in the Hardware and OS fields, respectively. This record is used by some services like FTP to determine special procedures to use when connecting to known server configurations.
MX, or Mail eXchange, records are used to direct emails sent to your domain. MX records, coupled with a mail server, can provide you and your employees, clients, etc. with email addresses on your own domain. You can also add multiple MX records with varying priorities for redundancy, if you have multiple mail servers configured.
NAPTR records are most commonly used with Internet Telephony (or VoIP) services. They can be used to map telephone numbers and email addresses for VoIP users to SIP servers via SRV records to initiate calls.
NS records are usually set with your registrar, and are used to delegate a domain or subdomain to a set of name servers. Name servers, such as NS1, hold all the other DNS records for your domain and tell all the other computers connected to the internet what records your domain holds. Setting the NS record is therefore a very important part of getting your domains and servers online.
PTR, or Pointer records are usually described as the opposite of an A record. While A records point the domain to an IP address, a PTR record points an IP to a domain. This is commonly used as spam verification with certain email programs to confirm a mailserver is really authorized to use the domain the email is coming from. PTR records usually have to be defined by the owner of the IP address for your server, usually your server hosts. Many hosting companies will set this up for you when you set up a server.
SPF records are used for email verification, to prevent your domain name from being used by spammers or malicious users. Simply creating an SPF record on your main domain with the content: v=spf1 ip4:22.214.171.124 a -all (replacing the IP address shown with your mailserver’s IP address) will tell email receivers that your mailserver is the only server allowed to send emails from your domain, and that all emails received from another server are to be rejected or marked as spam. If you have multiple mailservers, you can add another ip4:x.x.x.x after the previous one to allow another IP address.
Note: The SPF record is still supported but shouldn’t be used in new installs. Making a TXT record with the same content used with SPF records above is the new standard. Commonly, mail servers will define both an SPF and a TXT record for the most compatibility.
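How a receiving mail server evaluates a record of the shape shown above, as an added example that is not part of the original page. It handles only the ip4, ip6, a and all mechanisms; the function name, the caller-supplied list of the domain's A-record addresses, and the documentation-range IP addresses are assumptions made for the example.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(record, sender_ip, domain_a_records=()):
    """Evaluate a simplified SPF record against the connecting IP address.

    domain_a_records stands in for the DNS lookup the 'a' mechanism needs,
    so the example runs offline.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                      # not an SPF record at all
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = "+"                    # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            matched = ip in ipaddress.ip_network(arg, strict=False)
        elif name == "a":
            matched = ip in {ipaddress.ip_address(a) for a in domain_a_records}
        elif name == "all":
            matched = True                 # catch-all, normally the last term
        else:
            return "permerror"             # mechanism outside this example
        if matched:
            return QUALIFIERS[qualifier]   # first match decides the result
    return "neutral"

if __name__ == "__main__":
    record = "v=spf1 ip4:192.0.2.10 a -all"   # constructed sample record
    print(check_spf(record, "192.0.2.10"))      # the listed mail server
    print(check_spf(record, "198.51.100.7"))    # any other sender
```
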
SRV, or Service records, define the location for certain services, commonly SIP and XMPP (chat) servers. It allows you to define a port and hostname for a service that applications can use to connect to it.
TXT Records allow you to contain any textual information on a domain or subdomain. Applications can use this to check information about a service you are running, commonly SPF records, DomainKeys, and DKIM (two other email verification processes). Usage with SPF can be read about above in the SPF Records section. TXT Records may contain any information up to 255 characters.
Overall, there are many DNS records to suit your system’s needs, and more are added and expanded upon all the time as our usage of the internet grows. These records, kept on various name servers worldwide are what lets us browse the internet with the ease we do today, and should be set up by any serious businesses on a reliable network.