DNS (Domain Name System) records are essential to keeping the internet functioning and connected.
They contain the instructions needed to resolve a domain name to its corresponding IP address, along with other instructions for handling requests for that domain.
DNS records are stored on authoritative DNS servers, which are the last stop in the DNS lookup process.
You can follow this guide to understand the DNS lookup process and how it works.
What are DNS records?
DNS records are sets of instructions written in a series of text files, using what is known as DNS syntax.
DNS syntax is simply a string of characters that tells the DNS server what to do.
DNS records also carry a TTL (Time to Live), which tells a DNS server how long it may hold the record’s data before it must refresh it.
A useful analogy for DNS records is a business listing site, which holds details such as a business’s address, location, working hours, and the services it offers.
Similarly, DNS records hold the details of a domain name along with other instructions for different purposes.
Types of DNS records explained.
The most common types of DNS records are:
- A Record
- CNAME Record
- MX Record
- TXT Record
- NS Record
- SOA Record
- SRV Record
- PTR Record
Let’s look at each of these DNS records.
A Record and AAAA record
“A records” are the most fundamental type of DNS record, used to point a domain name or subdomain to an IP address.
Here, “A” stands for “address,” meaning the domain’s IP address.
An “A record” can hold only an IPv4 address, whereas an “AAAA record” holds an IPv6 address.
The format of “A Record” is as below
The symbol “@” indicates that the record is for the root domain (example.com), and the Time To Live (TTL) is 14400 seconds.
That is, the “A record” value can be held for 14400 seconds (240 minutes) before the DNS server refreshes it.
Most websites have only one A record, but a website can have more than one A record to balance the traffic load and improve performance.
Larger sites with big traffic spikes in particular prefer more than one “A record.”
The A record is the most common DNS lookup: the domain name is mapped to its corresponding IP address.
DNS CNAME Record
The CNAME record is another common type of DNS record, used to point a domain or subdomain to another hostname (a root domain name or another domain name).
The root domain name is the primary, or main, domain name, for which the A record has been created.
CNAME stands for “canonical name”: it leads to the root domain, or to a domain that in turn leads toward the root domain.
For instance, shop.example.com (subdomain) has a CNAME record that points to example.com (root domain).
When to use a CNAME record?
A CNAME record is used instead of an A record only when a domain or subdomain is an alias of another domain or of the root domain.
An alias is a second domain name linked to an existing domain name (the parent site or root domain), or a domain name through which you can reach the root domain.
For example, the website “example.com” can also be reached as “www.example.com,” so the value of www.example.com can be written as “is an alias of example.com.”
The analogy of CNAME record
The best CNAME analogy is a clue (a domain name with a CNAME record) that points to another clue (another domain name with a CNAME record) or directly to a treasure (a root domain name with an A record).
So, one clue can lead to another clue, and that clue may lead to the treasure.
Similarly, one domain or subdomain (the first clue) can point to another domain or subdomain (the second clue) or directly to the root domain (the treasure).
Example of a CNAME record
| Name | Type | Value | TTL |
| --- | --- | --- | --- |
| @ | CNAME | is an alias of example.com | 32600 |
In the above example, shop.example.com is the subdomain that points to example.com (the root domain).
Finally, based on the A record of example.com, it eventually resolves to the IP address 184.108.40.206.
Can one CNAME record point to another CNAME record?
It is possible, but pointing one CNAME record to another lengthens the DNS lookup chain and slows down the whole process.
It also affects the user experience and loading time.
For instance: pointing shop.example.com (a CNAME record) to www.example.com (another CNAME record), and then pointing www.example.com (a CNAME record) to example.com (an A record or AAAA record).
CNAME for shop.example.com that points to www.example.com
| Name | Type | Value | TTL |
| --- | --- | --- | --- |
| @ | CNAME | is an alias of www.example.com | 32600 |
CNAME for www.example.com that points to example.com
| Name | Type | Value | TTL |
| --- | --- | --- | --- |
| @ | CNAME | is an alias of example.com | 32600 |
The better solution is to point both domains (shop.example.com and www.example.com) directly to the root domain (example.com).
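The chain-following behaviour described above, as an added example that is not part of the original article: a small resolver over a constructed zone (the names and the IP address are illustrative, the chain limit of 8 is an assumption) that follows CNAME hops to the A record, reports how many extra lookups the hops cost, refuses to loop, and rewrites chained CNAMEs to point straight at the root domain.

```python
"""Follow CNAME records to an A record over a constructed in-memory zone.

Example code written for this article, not a real resolver. The zone below is
constructed data; the CNAME chain for shop.example.com mirrors the text.
"""

# Constructed zone: owner name -> list of (record type, value).
ZONE = {
    "example.com.": [("A", "184.108.40.206")],
    "www.example.com.": [("CNAME", "example.com.")],
    "shop.example.com.": [("CNAME", "www.example.com.")],   # two hops to the A record
    "loop-a.example.com.": [("CNAME", "loop-b.example.com.")],
    "loop-b.example.com.": [("CNAME", "loop-a.example.com.")],  # deliberate loop
}

MAX_CHAIN = 8  # assumed limit; real resolvers also cap the number of CNAME hops


def resolve_a(name, zone=ZONE, max_chain=MAX_CHAIN):
    """Follow CNAME records from `name` until an A record is found.

    Returns (ip_address, chain); `chain` lists every name visited, so the
    caller can see how many extra lookups the CNAME hops cost. Raises
    ValueError on an unknown name, a CNAME loop, or an over-long chain.
    """
    chain = [name]
    while True:
        records = zone.get(name)
        if not records:
            raise ValueError(f"no records for {name}")
        a_values = [v for t, v in records if t == "A"]
        if a_values:
            return a_values[0], chain
        cnames = [v for t, v in records if t == "CNAME"]
        if not cnames:
            raise ValueError(f"{name} has neither an A nor a CNAME record")
        name = cnames[0]
        if name in chain:
            raise ValueError("CNAME loop detected: " + " -> ".join(chain + [name]))
        chain.append(name)
        if len(chain) > max_chain:
            raise ValueError("CNAME chain too long")


def cname_hops(name, zone=ZONE):
    """Number of CNAME hops needed before the A record is reached."""
    _, chain = resolve_a(name, zone)
    return len(chain) - 1


def flattened_zone(zone=ZONE):
    """Copy of the zone where every CNAME points straight at the name that
    carries the A record, removing the intermediate hops. Names whose chain
    cannot be resolved (for example, a loop) are left as they are."""
    out = {}
    for owner, records in zone.items():
        rewritten = []
        for rtype, value in records:
            if rtype == "CNAME":
                try:
                    _, chain = resolve_a(value, zone)
                    value = chain[-1]  # the final name, which holds the A record
                except ValueError:
                    pass
            rewritten.append((rtype, value))
        out[owner] = rewritten
    return out


if __name__ == "__main__":
    ip, chain = resolve_a("shop.example.com.")
    print(" -> ".join(chain), "=>", ip, f"({len(chain) - 1} CNAME hops)")
    print("flattened:", flattened_zone()["shop.example.com."])
```

Running the block shows shop.example.com costing two CNAME hops before the A record is found, and the flattened zone pointing it straight at example.com, which is the fix the text recommends.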
A common misconception of CNAME Record
A common misconception about the CNAME record is that it will resolve to the same domain name it points to.
In other words, that the domain name pointed to will always appear in the client browser, even though the client requested a subdomain, because the CNAME points to the root domain.
This is not the case; the job of the CNAME record is to point to the root domain, which leads to an IP address.
The IP address then lets the client reach the web server, where the web server looks at the URL that was requested and loads the page for that URL accordingly.
For instance, the shop.example.com CNAME record points to the root domain name example.com. Here, the DNS lookup retrieves the IP address associated with the root domain.
The browser connects to the web server at that IP address, and the web server looks at the URL it was asked for, in this case shop.example.com, and delivers the web page associated with it.
Moreover, CNAME records are always updated accordingly if any changes occur in the root domain.
DNS MX Record
MX stands for Mail Exchange; the MX record helps route email to the preferred domain name.
The preferred domain name in the MX record points to a server that will receive incoming email, and is preferred for sending email when requested, using the Simple Mail Transfer Protocol (SMTP).
In an MX record, we can set a priority in the DNS entry to determine which server gets first preference.
Additionally, a sending email server always checks the MX record of your domain before sending email.
If no MX record is found, it will not send the email, and if an incorrect MX record is entered, you won’t receive email.
If an incorrect MX record, or some other domain’s MX record, is entered, it will point to the wrong location.
Like a CNAME record, the MX record also points to another domain name (a server).
Example of MX Record:
As you can see, a priority has been set for each domain name (email host). First “priority” is given to the domain name with the lower “priority” value.
In this case, the domain name emailhost1.example.com with priority value 10 is given preference over the domain name emailhost2.example.com with priority value 20.
If the first preference is unreachable or message delivery fails, delivery automatically moves to the second preference.
There is also the case where the priority is equal for both domains; then each domain receives an equal share of the email.
This setup is used only when we want to balance the load by distributing email equally between two servers.
What is the process of querying an MX record?
An MX record is queried with the help of an MTA (Message Transfer Agent).
When a user sends an email, the Message Transfer Agent is responsible for issuing the query that finds the MX record.
If an MX record is found, the MTA software connects to the preferred mail server using the Simple Mail Transfer Protocol (SMTP).
What is a backup MX record?
A backup MX record is any MX record other than the highest-priority MX record.
In the above example, the domain name “emailhost1.example.com” is set as the top priority, and the other domain name, “emailhost2.example.com,” is known as the backup MX record.
Delivery automatically falls back to the backup server if it fails to reach the first, highest-priority server.
Can an MX record point to a CNAME?
MX records contain the domain name that handles email for a specific domain.
An MX record cannot point directly to an IP address; it has to point to a domain name, and that domain name then points to an IP address through an A record or AAAA record.
If you point the MX record directly at an IP address, the server will reject it.
Moreover, a CNAME can point to another domain or the root domain, which finally points to a server through an A record or AAAA record.
According to the RFC (Request for Comments) documents, pointing an MX record to a CNAME alias is forbidden and invalid.
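The priority, backup and target rules from this section, as an added example written for this article rather than taken from it: the MX records for example.com and the zone fragment are constructed (emailhost3 and mail-alias are assumed names added to show the equal-priority and CNAME cases), and `delivery_order` shuffles hosts that share a priority so that repeated deliveries spread evenly across them.

```python
"""Order MX hosts for delivery and validate MX targets over constructed data.

Example code written for this article; the records below are not a real zone.
"""
import random
from collections import defaultdict

# Constructed MX records for example.com: (priority, target hostname).
MX_RECORDS = [
    (20, "emailhost2.example.com."),   # backup MX (higher priority value)
    (10, "emailhost1.example.com."),
    (10, "emailhost3.example.com."),   # assumed host sharing priority 10: shares the load
]

# Constructed zone fragment used to validate targets: name -> (type, value).
ZONE = {
    "emailhost1.example.com.": ("A", "192.0.2.10"),
    "emailhost2.example.com.": ("AAAA", "2001:db8::20"),
    "emailhost3.example.com.": ("A", "192.0.2.30"),
    "mail-alias.example.com.": ("CNAME", "emailhost1.example.com."),  # invalid as MX target
}


def delivery_order(mx_records, seed=None):
    """Targets in the order an MTA would try them.

    Lower priority value first. Hosts sharing a priority are shuffled so that
    over many deliveries each receives an equal share; hosts with a higher
    priority value are the backup MX hosts, tried only after the earlier ones fail.
    """
    rng = random.Random(seed)
    groups = defaultdict(list)
    for priority, target in mx_records:
        groups[priority].append(target)
    order = []
    for priority in sorted(groups):
        targets = list(groups[priority])
        rng.shuffle(targets)
        order.extend(targets)
    return order


def validate_mx_target(target, zone):
    """Return a description of the problem with an MX target, or None if it is fine.

    The target must be a hostname that carries an A or AAAA record: not an IP
    address literal and not a CNAME alias, as the text states.
    """
    if target.replace(".", "").isdigit() or ":" in target:
        return "target is an IP address literal, not a hostname"
    record = zone.get(target)
    if record is None:
        return "target has no A or AAAA record"
    rtype, _ = record
    if rtype == "CNAME":
        return "target is a CNAME alias, which is not allowed for MX"
    if rtype not in ("A", "AAAA"):
        return f"target resolves to {rtype}, not A or AAAA"
    return None


def deliver(mx_records, zone, reachable, seed=None):
    """Simulate delivery: try valid targets in order and return the first one
    in `reachable` (a set of hosts that accept the connection), else None."""
    for target in delivery_order(mx_records, seed):
        if validate_mx_target(target, zone) is None and target in reachable:
            return target
    return None


if __name__ == "__main__":
    print("try order:", delivery_order(MX_RECORDS, seed=1))
    print("alias check:", validate_mx_target("mail-alias.example.com.", ZONE))
    print("fallback:", deliver(MX_RECORDS, ZONE, {"emailhost2.example.com."}, seed=1))
```

When only the backup host accepts connections, `deliver` walks past both priority-10 hosts and lands on emailhost2, which is the fallback the text describes; the alias check flags the CNAME target before any connection is attempted.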
DNS TXT Record
DNS TXT records let domain administrators enter text of their choosing into the Domain Name System (DNS), and a domain can have as many TXT records as needed.
A TXT record can be in a human-readable format or a machine-readable format.
Example of a TXT record:
| Name | Type | Value | TTL |
| --- | --- | --- | --- |
| @ | TXT | This is a knowledgeable website | 32600 |
Currently, TXT records are used mostly for two purposes: email spam prevention and domain ownership verification.
What kind of data can a TXT record store?
According to the original RFC, the value of a TXT record can only be “strings.”
However, most DNS servers put restrictions on how the TXT record is used and how many TXT records you can store. They also limit the amount of data a record can hold.
What is the format of storing data in a TXT record field?
In 1993, the Internet Engineering Task Force (IETF) defined a standard format.
The format consists of an “attribute” that stores a corresponding “value,” the two separated by an equal sign “=,” such as:
This format is enclosed in quotation marks (“) and placed in the value field of the TXT record.
The example is as below:
Apart from the IETF standard format, some DNS administrators follow their own format for TXT records.
TXT records can also be formatted for special purposes, such as DMARC policies, which are stored in a TXT record in a different standardized format.
How does the TXT format help prevent email spam?
A spammer can forge your domain name for their own purposes and send unlimited email for illegal activity.
Several email authentication methods use a TXT record as a key component that lets a server determine whether a message is coming from a trusted source.
The common email authentication methods are:
- Domain Keys Identified Mail (DKIM)
- Sender Policy Framework (SPF)
- Domain-based Message Authentication, Reporting, and Conformance (DMARC)
The above email authentication methods are configured using TXT records, making it difficult for spammers to spoof your domain. You can also easily track any spam attempts.
SPF TXT records list the servers that are authorized to send email for a domain.
A DKIM record is a method of verifying the authenticity of an email message.
The email message is verified using a private and public key pair between the sending server and the receiving server.
The public key is published in a TXT record, which verifies the association of the domain with the email.
DMARC records are set up only after SPF and DKIM records are configured properly.
DMARC records are used to prevent a spammer from spoofing the “From” address on email messages.
The DMARC TXT record is stored at _dmarc.example.com, where “example.com” is replaced with your actual domain name.
How does a TXT record help verify domain ownership?
Domain ownership verification is needed in most cases to associate a domain with a particular service. It is used mostly by webmaster tools and cloud service providers.
Domain verification is implemented by inserting a TXT record containing the value provided by the service provider.
Afterward, the service provider checks whether the TXT record has been added.
If the verification succeeds, it clearly indicates that the owner controls the domain name.
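The TXT formats covered in this section (the 1993 attribute=value format, the DMARC tag list at the _dmarc subdomain, the SPF server list, and the ownership token a provider asks you to publish), as one added example written for this article: the records are constructed, the `site-verify` attribute and the `_spf.mailprovider.example` include target are hypothetical names, and the code only parses the records; it does not evaluate SPF or DMARC against a message.

```python
"""Parse TXT record formats and check a verification token over constructed records.

Example code written for this article; the records below are not a real zone.
"""

# Constructed TXT records as they would appear in a zone (quotes included).
TXT_RECORDS = {
    "example.com.": [
        '"This is a knowledgeable website"',                              # free-form text
        '"v=spf1 ip4:192.0.2.0/24 include:_spf.mailprovider.example -all"',  # SPF
        '"site-verify=abc123"',                                           # hypothetical ownership token
    ],
    "_dmarc.example.com.": ['"v=DMARC1; p=reject; rua=mailto:dmarc@example.com"'],
}


def unquote(txt):
    """Strip the quotation marks that enclose a TXT value."""
    txt = txt.strip()
    if len(txt) >= 2 and txt[0] == '"' and txt[-1] == '"':
        return txt[1:-1]
    return txt


def parse_attribute(txt):
    """Split an attribute=value TXT string (the 1993 IETF format).
    Returns (attribute, value), or (None, text) for free-form text."""
    body = unquote(txt)
    if "=" not in body:
        return None, body
    attr, value = body.split("=", 1)
    return attr.strip(), value.strip()


def parse_tags(txt, sep=";"):
    """Parse a tag=value list such as a DMARC record into a dict."""
    tags = {}
    for part in unquote(txt).split(sep):
        part = part.strip()
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    return tags


def find_spf(records):
    """Return the terms of the SPF record (the authorized-sender list), or None."""
    for txt in records:
        body = unquote(txt)
        if body.lower().startswith("v=spf1"):
            return body.split()[1:]
    return None


def dmarc_policy(txt_records, domain):
    """Read the policy ('p' tag) from the TXT record at _dmarc.<domain>."""
    for txt in txt_records.get(f"_dmarc.{domain}", []):
        tags = parse_tags(txt)
        if tags.get("v") == "DMARC1":
            return tags.get("p")
    return None


def verify_ownership(txt_records, domain, attribute, expected):
    """Check that the attribute=value token a service provider asked for is present."""
    for txt in txt_records.get(domain, []):
        attr, value = parse_attribute(txt)
        if attr == attribute and value == expected:
            return True
    return False


if __name__ == "__main__":
    print("SPF terms:", find_spf(TXT_RECORDS["example.com."]))
    print("DMARC policy:", dmarc_policy(TXT_RECORDS, "example.com."))
    print("owner token present:", verify_ownership(TXT_RECORDS, "example.com.", "site-verify", "abc123"))
```

The parsers deliberately split on the first `=` only, so values that themselves contain `=` (common in DKIM public keys, which end in base64 padding) survive intact.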
DNS NS Record
NS stands for “nameserver,” and the NS record is essential to getting your server and domain online.
What is a nameserver?
A nameserver is a type of DNS server that holds all the DNS records for a domain, including A records, CNAME records, and MX records.
The NS record indicates which DNS server is authoritative for the domain and holds the complete list of its DNS records.
Precisely, it tells the internet where to find the IP address of the domain.
The NS record is configured as below:
A domain name can have more than one NS record. The first nameserver record entered is considered the primary nameserver, and the remaining records are backup nameserver records.
If the primary nameserver fails, lookups automatically move to a backup nameserver.
Also, any update in the primary nameserver will trigger the update on backup nameservers.
Moreover, NS records never point to a CNAME record.
When should the NS record be changed or updated?
An NS record is updated or changed only when the nameserver has changed or the domain is moving to another nameserver.
The cloud service provider typically supplies the nameserver, and the administrator needs to make the change.
Once the change has been made, it can take up to an hour to replicate throughout the DNS.
If needed, you can also have a separate nameserver for your subdomain.
For instance, ns1.nameserverdomain.com for root domain example.com and ns2.nameserverdomain.com for the subdomain.com.
This will balance the load and maximize performance in case of heavy traffic.
DNS SOA Record
SOA stands for “start of authority.” The DNS SOA record stores information about the domain name or DNS zone.
For instance, when the zone was last updated, how long the DNS server waits between refreshes, the DNS zone serial number, and more.
Additionally, according to the IETF standard, an SOA record is mandatory for a DNS zone and for DNS zone transfers.
Example of DNS SOA record:
The RNAME value here indicates the administrator’s email address; it is written as info.example.com, which is equivalent to info@example.com.
What is a DNS zone serial number?
A DNS zone consists of one or more domains (or subdomains). It defines and controls an area of the namespace.
The zone serial number acts as an identifier of the DNS zone. In the above example, the value next to “SERIAL” is the DNS zone serial number.
What do the other parts of the SOA record mean?
The MNAME field contains the primary nameserver for the zone; the backup nameservers get their updates from the primary nameserver.
The REFRESH field indicates the length of time (in seconds) after which a secondary (backup) nameserver asks the primary for updates.
RETRY is the time the secondary nameserver waits before asking the primary nameserver for updates again, if the first attempt failed.
EXPIRE field contains the length of time it takes for the primary server to respond to the secondary server.
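The SOA fields named above, as an added example written for this article (the SOA line is constructed; ns1.example.com and the timer values are illustrative, not the article’s missing example): it parses the record into its named fields, converts the RNAME form into the email address the text describes, picks REFRESH or RETRY for the secondary’s next check, and compares serial numbers. The serial comparison goes slightly beyond the text by using the wrap-around arithmetic of RFC 1982, which is how a secondary decides whether the primary’s serial is newer.

```python
"""Parse a constructed SOA record and apply the secondary-nameserver timers.

Example code written for this article; the record below is constructed data.
"""

# Constructed SOA record in zone-file form: owner TTL class type MNAME RNAME
# SERIAL REFRESH RETRY EXPIRE MINIMUM. Nameserver and timer values are illustrative.
SOA_LINE = ("example.com. 86400 IN SOA ns1.example.com. info.example.com. "
            "2024010101 7200 900 1209600 3600")

FIELDS = ("MNAME", "RNAME", "SERIAL", "REFRESH", "RETRY", "EXPIRE", "MINIMUM")
SERIAL_BITS = 32


def parse_soa(line):
    """Return a dict of the SOA fields; the five numeric fields become ints."""
    tokens = line.split()
    if "SOA" not in tokens:
        raise ValueError("not an SOA record")
    rdata = tokens[tokens.index("SOA") + 1:]
    if len(rdata) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} SOA fields, got {len(rdata)}")
    soa = {"owner": tokens[0]}
    for name, value in zip(FIELDS, rdata):
        soa[name] = value if name in ("MNAME", "RNAME") else int(value)
    return soa


def rname_to_email(rname):
    """Turn the RNAME form into an address: info.example.com. -> info@example.com.

    The first unescaped dot separates the mailbox from the domain; a dot
    escaped as '\\.' inside the mailbox part is kept as a literal dot.
    """
    rname = rname.rstrip(".")
    local = []
    i = 0
    while i < len(rname):
        ch = rname[i]
        if ch == "\\" and i + 1 < len(rname):
            local.append(rname[i + 1])
            i += 2
            continue
        if ch == ".":
            return "".join(local) + "@" + rname[i + 1:]
        local.append(ch)
        i += 1
    return "".join(local)


def next_check_seconds(soa, last_attempt_failed):
    """Seconds a secondary waits before asking the primary again: RETRY after a
    failed attempt, otherwise the normal REFRESH interval."""
    return soa["RETRY"] if last_attempt_failed else soa["REFRESH"]


def serial_is_newer(candidate, current):
    """True if `candidate` is a newer zone serial than `current` (RFC 1982
    serial arithmetic, so a counter that wrapped past 2**32 still compares correctly)."""
    diff = (candidate - current) % (1 << SERIAL_BITS)
    return 0 < diff < (1 << (SERIAL_BITS - 1))


if __name__ == "__main__":
    soa = parse_soa(SOA_LINE)
    print("admin:", rname_to_email(soa["RNAME"]))
    print("serial:", soa["SERIAL"], "refresh in", next_check_seconds(soa, False), "s")
```

A secondary that sees `serial_is_newer(primary_serial, its_own_serial)` come back True is the trigger for the update from primary to backup that the NS section mentions.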
DNS SRV Record
SRV stands for “service” record; it specifies the host and port number of specific services such as instant messaging, Voice over IP (VoIP), and many more.
As we have seen, other DNS records hold only the server’s IP address, but the SRV record works differently: it also requires a port number.
What is a port?
A port defines a virtual location on a server, categorized for different types of services.
With the help of ports, incoming traffic can easily be differentiated and routed to the right type of service.
For instance, VoIP will have a port number different from email messages.
Follow the guide for complete details on port numbers.
What does the SRV record contain?
The SRV Record has the following information that is listed below.
Here, “proto” stands for the protocol, that is, the transport protocol in the TCP/IP model, and “name” stands for the domain name.
The actual SRV format is shown below:
_service._proto.name. TTL class type of record priority weight port target.
So, a concrete record in that format looks like this:
_smtp._tcp.example.com. 86400 IN SRV 10 5 25 server1.example.com
Here, _smtp indicates the type of service, and _tcp is the TCP transport protocol.
Further, example.com is the domain name, server1.example.com is the target server, and 25 is the server’s port number.
Also, the target server (server1.example.com) must have an A record or AAAA record.
How are priority and weight defined in the SRV record?
Both priority and weight in the SRV record rank the servers.
The server with the lower “priority” value is given more priority. Similarly, the server with the higher “weight” value is given more weight.
The difference is that the “priority” value is considered first.
For instance, if the “priority” values are 10, 20, 30 for three servers, the “weight” values don’t matter.
But if the “priority” value is the same for the three servers, 10, 10, 10, then the “weight” value is considered.
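The priority-then-weight selection just described, as an added example written for this article: it parses SRV records in the format shown above (the three records are constructed; server2 and backup are assumed hostnames alongside the article’s server1.example.com) and produces the order in which a client would try the targets, picking within an equal-priority group with probability proportional to weight, which is the weighted selection RFC 2782 specifies.

```python
"""Parse SRV records and order targets by priority and weight.

Example code written for this article; the records below are constructed.
"""
import random
from collections import defaultdict

# Constructed SRV records: _service._proto.name. TTL class type priority weight port target
SRV_LINES = [
    "_smtp._tcp.example.com. 86400 IN SRV 10 5 25 server1.example.com.",
    "_smtp._tcp.example.com. 86400 IN SRV 10 15 25 server2.example.com.",   # same priority, 3x the weight
    "_smtp._tcp.example.com. 86400 IN SRV 20 0 25 backup.example.com.",     # tried only if priority 10 fails
]


def parse_srv(line):
    """Split one SRV record line into its named fields."""
    tokens = line.split()
    if len(tokens) != 8 or tokens[3] != "SRV":
        raise ValueError(f"not an SRV record: {line!r}")
    owner, ttl, _cls, _rtype, priority, weight, port, target = tokens
    service, proto, name = owner.split(".", 2)   # "_smtp", "_tcp", "example.com."
    return {
        "service": service, "proto": proto, "name": name, "ttl": int(ttl),
        "priority": int(priority), "weight": int(weight), "port": int(port),
        "target": target,
    }


def expected_share(records):
    """Fraction of connections each target in the lowest-priority group should
    receive: its weight divided by the group's total weight."""
    lowest = min(r["priority"] for r in records)
    group = [r for r in records if r["priority"] == lowest]
    total = sum(r["weight"] for r in group)
    if total == 0:
        return {r["target"]: 1 / len(group) for r in group}
    return {r["target"]: r["weight"] / total for r in group}


def try_order(records, seed=None):
    """(target, port) pairs in the order a client would try them.

    Groups are visited from the lowest priority value upward. Inside a group,
    targets are drawn one at a time with probability proportional to weight;
    a group whose weights are all zero is drawn uniformly.
    """
    rng = random.Random(seed)
    groups = defaultdict(list)
    for r in records:
        groups[r["priority"]].append(r)
    order = []
    for priority in sorted(groups):
        remaining = list(groups[priority])
        while remaining:
            weights = [r["weight"] for r in remaining]
            if sum(weights) == 0:
                chosen = rng.choice(remaining)
            else:
                chosen = rng.choices(remaining, weights=weights, k=1)[0]
            remaining.remove(chosen)
            order.append((chosen["target"], chosen["port"]))
    return order


if __name__ == "__main__":
    records = [parse_srv(line) for line in SRV_LINES]
    print("expected share:", expected_share(records))
    print("try order:", try_order(records, seed=3))
```

With weights 5 and 15, server2 should get three quarters of the first attempts, but backup.example.com is never tried before both priority-10 targets have been exhausted, regardless of its weight.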
DNS PTR record
PTR stands for “pointer” record. The job of the PTR record is to find the domain name associated with an IP address.
The PTR record works exactly opposite to the “A” record (for IPv4) or “AAAA” record (for IPv6), where you find the IP address associated with a domain name.
In other words, the PTR record serves reverse DNS lookups. A reverse lookup query starts from the IP address and matches it to a domain name.
How are DNS PTR records stored?
As we know, in a DNS A record, the IP address is stored against the domain name.
The PTR record works the other way around: the value (the domain name) is stored against the IP address.
The format to store PTR record is:
For instance, if the IP address is 220.127.116.11, then the PTR record will be 18.104.22.168.in-addr.arpa.
Here, “.arpa” is the top-level domain used for managing network infrastructure. It was the first domain defined on the internet.
ARPA stands for Advanced Research Projects Agency.
The above format is used for reverse DNS lookups of IPv4 addresses.
For IPv6, the PTR record format is different, for example:
23a9:fe34:45bc::de98.ip6.arpa (for example).
Where to use the PTR record?
There are many ways to use PTR records for reverse DNS lookups.
In anti-spam checks, it is used to verify whether a legitimate email server is using the associated IP address.
To diagnose and troubleshoot email delivery problems, the PTR record is checked.
If the PTR record’s domain is different, email from that domain will be blocked by current email services.
It is also used in system logs, where it records the domain name instead of the IP address, which is more human-readable.
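The reverse-name construction from “How are DNS PTR records stored?” and the anti-spam check from this section, as one added example written for this article: it builds the in-addr.arpa name for IPv4 and the ip6.arpa name for IPv6 (the IPv6 form follows the reversed-nibble layout of RFC 3596, checked against Python’s own `ipaddress.reverse_pointer`), then runs a forward-confirmed reverse DNS check, which is how a receiving mail server verifies that the PTR name really belongs to the sending IP. The PTR and A tables are constructed; mail.example.com and the addresses are illustrative.

```python
"""Reverse-lookup names and a forward-confirmed reverse DNS check.

Example code written for this article; the PTR and A tables are constructed data.
"""
import ipaddress


def reverse_name(ip):
    """Owner name of the PTR record for `ip`.

    IPv4: octets reversed under in-addr.arpa. IPv6: the 32 hex nibbles of the
    fully expanded address, reversed one nibble per label, under ip6.arpa.
    """
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
    nibbles = addr.exploded.replace(":", "")   # 32 hex digits, leading zeros kept
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def matches_stdlib(ip):
    """Cross-check against the standard library's reverse_pointer (no trailing dot)."""
    return reverse_name(ip) == ipaddress.ip_address(ip).reverse_pointer + "."


# Constructed reverse zone (PTR owner name -> hostname) and forward records.
PTR = {
    reverse_name("192.0.2.25"): "mail.example.com.",     # genuine mail host
    reverse_name("198.51.100.7"): "mail.example.com.",   # PTR claims the name, forward disagrees
    reverse_name("2001:db8::25"): "mail.example.com.",
}
FORWARD = {
    "mail.example.com.": ["192.0.2.25", "2001:db8::25"],
}


def forward_confirmed(ip, ptr=PTR, forward=FORWARD):
    """Forward-confirmed reverse DNS.

    Look up the PTR name for `ip`, then check that the name's A/AAAA records
    include `ip` again. Returns (True, hostname) on success, else (False, reason).
    A PTR alone proves nothing: whoever controls the reverse zone can publish
    any name, so the forward record of that name must agree.
    """
    name = ptr.get(reverse_name(ip))
    if name is None:
        return False, "no PTR record"
    if ip not in forward.get(name, []):
        return False, f"PTR name {name} does not resolve back to {ip}"
    return True, name


if __name__ == "__main__":
    for ip in ("192.0.2.25", "198.51.100.7", "203.0.113.9", "2001:db8::25"):
        print(ip, "->", reverse_name(ip), forward_confirmed(ip))
```

In a mail filter the failing cases are the ones worth logging: a missing PTR or a mismatch is the signal that the sending host is not the mail server its reverse record claims to be.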