A few weeks ago I published a post on various DNS lookup tools. This post gives an introduction to some aspects of DNS. Today, we're going to dive a bit more into some of the details of DNS, specifically the content of DNS responses known as resource records.
Resource records, often abreviated at RR, are the content of DNS responses. They contain several fields, each with important details regarding the way the RR should be interpreted. Let's take a look at the output of the
dig query Anthony used in his tutorial:
$ dig dnsimple.com ; <<>> DiG 9.8.3-P1 <<>> dnsimple.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60554 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;dnsimple.com. IN A ;; ANSWER SECTION: dnsimple.com. 59 IN A 18.104.22.168 ;; Query time: 294 msec ;; SERVER: 22.214.171.124#53(126.96.36.199) ;; WHEN: Tue Feb 3 11:17:13 2015 ;; MSG SIZE rcvd: 46
The part we care about is the line labeled
;; ANSWER SECTION:.
dnsimple.com. 59 IN A 188.8.131.52
The answer we're looking at here has five parts: the
RDATA. Let's look at each one as it occurs.
NAME resource field states the domain name to which the resource record refers. In this case, we're looking at a record for the
dnsimple.com. domain name. The
NAME is actually best interpreted from right to left treating the period (
.) as a delimiter for each portion of the
NAME. Keeping this in mind, we see that this
NAME exists in the
com top-level domain. After this, we notice
dnsimple, comes next and there are no further subdomains. This type of name is often referred to as the apex or root domain, but it is possible to provide a
NAME with multiple levels of specificity.
TTL resource field is an abreviation for the phrase "time to live". This field gives the amount of time, in seconds, for which the record should be considered valid. In this case, the record only lasts for 59 seconds. While the
TTL is set by the domain administrator with their DNS provider, some resolvers and caches do not respect the
TTL as provided by the authoritative name server.
CLASS resource field is generally rarely used. The
IN in this example, and most examples you're likely to see, indicates that this record is of the "Internet"
CLASS of DNS record. There are also
CH (for Chaosnet) and
HS (for Hesiod) classes, as well as
QCLASS options for use only in queries. Generally speaking, the
CLASS field will almost always be
IN in a DNS answer.
TYPE resource field is where the format of the record is defined. There are many
TYPEs of resource records, the most common being A (which gives an IPv4 address for a
NAME), AAAA (which gives an IPv6 address), MX (which sets the location of a mail server), CNAME (or canonical name, which maps one
NAME to another), and TXT (which can include any arbitrary text). This field really defines what sort of
RDATA is to be expected for the record.
RDATA resource field is, in many ways, the heart of a DNS answer. Without it, there's nothing for the record to do. In this particular case, since we're looking at an A record, the
RDATA is an IPv4 address which indicates where the
NAME dnsimple.com should resolve to. Other record
TYPEs will have different
Every one of these fields will be returned in any DNS response. Hopefully this dive into some of the details was enlightening for you. Let us know what you think by getting in touch with us.
Teacher of people and computers. Fond of subtle distinctions.
Configure DNSimple as your secondary DNS provider to improve your domain's availability and redundancy with AXFR zone transfers.
Get a free limited-edition t-shirt featuring the characters of howdns.works and howhttps.works with any new yearly subscription to DNSimple.