The domain name system (DNS) is a directory service that allows Internet-connected devices to lookup information for resources on the Internet. The information provided includes IP addresses, which are used to route Internet traffic. DNS uses a combination of record types to ultimately guide users to the right address for the Internet resource they’re looking for. We’ll cover the major resource types so you can better understand how the DNS works and how to retrieve information.
Resources, Records and Zones
Resource records provide information about DNS resources, such as their name and relation to other resources. Each record has a name, type and time to live (TTL). Resource records are held across the Internet. A master copy of the resource record is held in a specific zone, or portion of the DNS name space, that has the authority to do so. A zone includes one or more domains and subdomains. Within this zone there is a name server that has a zone file containing resource records.
Here is a quick summary of the more commonly used resource records:
A and AAAA: What’s Your Address?
When you’re thinking of DNS, A and AAAA records are probably what you have in mind. Most commonly, you’re looking for the IP address of a fully qualified domain name (FQDN). This is also known as the hostname (the initial portion of a URL). There are two primary types of address records:
- A: Maps a FQDN to an IPv4 address
- AAAA: Maps a FQDN to an IPv6 address
CNAME: What’s in a CNAME?
Another common record type is the canonical record, which returns an alias. You can think of it as a pointer to another record. A domain administrator would use a CNAME record when there are multiple subdomains or services that should resolve to the same location. CNAME records are also common with content delivery networks (CDNs) or other external infrastructure, as a domain administrator may not have control over the ultimate IP addresses.
When resolving a CNAME record, the DNS lookup will use the answer received in the CNAME record to craft a new lookup. A related, and less common, record type is the DNAME, which creates an alias for all subdomains. It is most often used to redirect an entire domain between zones, for instance when moving a website.
- CNAME: Maps a FQDN to another FQDN
- DNAME: Maps all subdomains of a FQDN to another FQDN
PTR: Going In Reverse
The pointer (PTR) record is the opposite of an address record. Rather than mapping a domain name to an IP address, the PTR record maps an IP address to a domain name. This is useful in reverse DNS and traceroutes, for example.
- PTR: Maps an IPv4 address to a FQDN
MX: You’ve Got Mail
For email (SMTP) traffic, a mail exchange record is used. The MX record will map an email domain to the domain of the appropriate mail server. A subsequent A or AAAA lookup can then be used to find the mail server’s IP address. You can’t mix MX and CNAME records; an MX record cannot map to a FQDN that is mapped to another FQDN using a CNAME record.
- MX: Maps an email domain to a FQDN of a mail server
NS and SOA: Establishing Authority
All of these resource records rely on the name server that serves them. Name servers are responsible for answering DNS queries in a zone of authority, which includes one of many domains and subdomains. An NS record delegates a subdomain to a set of name servers, returning the domain names of those servers. NS records are held in a zone file in the parent domain, often a top-level domain such as ‘.com’.
The NS record, and the subsequent A record lookup, provide the address where a DNS query would be sent to get resource records for the domain. In the figure below, ‘a1.verisigndns.com’ is a name server that would be able to provide A records for queries in the thousandeyes.com domain.
- NS: Maps a subdomain to a FQDN of a name server
Related to the NS record is another record type, the Start of Authority (SOA) record. The SOA record provides information about a DNS zone, including the authoritative name server.
Imagine a case where a domain administrator wants to host his own authoritative name server. It would likely have authority over the same domain as the zone it is located in. For example, the NS record of google.com is ns1.google.com. Resolving the address of the name server would require knowing the address of the name server, a circular reference. So how would a DNS query ever get the address record (A) for Google’s name server?
For this you need a Glue record. A Glue record is not an additional record type. Instead, the Internet registry has the A record for the name server and can, therefore, provide it after the appropriate NS query, preventing a circular reference. This information is provided in the ‘Additional Section’ of a DNS answer.
Do You DIG It?
So now that you know about DNS records, how can you check the mapping of each of these records for your own domains? A handy open source utility called DIG will resolve DNS records for you, crafting a DNS query and presenting the response.
For example, to look up DNS information for thousandeyes.com you would type ‘dig thousandeyes.com’. Dig will automatically ask for an A record unless you specify otherwise; for example, you could add ‘type NS’.