Last month, we took a look at what's in a DNS response. Today we're going to dive deeper into one aspect of those responses. Specifically, we're going to investigate the types of DNS resource records and what they are used for. We have several posts in our support site about each of these records and one about common DNS records, but today we're going to look at them all at once.
The A record is one of the most commonly used record types in any DNS system. An A record is actually an address record, which means it maps a fully qualified domain name (FQDN) to an IP address. For example, an A record is used to point a domain name, such as "google.com", to the IP address of Google's hosting server, "126.96.36.199".
This allows the end user to type in a human-readable domain, while the computer can continue working with numbers. The name in the A record is the host for your domain, and the domain name is automatically attached to your name. For example, if you want to make a record for www.yourdomain.com, you only need to enter 'www' for the name value in the textbox when editing the records for yourdomain.com.
Canonical name records, or CNAME records, are often called alias records because they map an alias to the canonical name. When a name server finds a CNAME record, it replaces the name with the canonical name and looks up the new name. This allows pointing multiple systems to one IP without assigning an A record to each host name. It means that if you decide to change your IP address, you will only have to change one A record.
A CNAME record must be the only record at its name, which is why it cannot be added to the apex of any zone: the apex is where the NS and SOA records for the whole zone must be placed. For this reason, we introduced the ALIAS record to give the same flexibility as a CNAME, but in places where a CNAME would not otherwise be permitted.
The MX record, which stands for "mail exchange", is used to identify mail servers to which mail should be delivered for a domain. MX entries must point to a domain, and never point directly to an IP address. If no MX record exists on a domain to which an SMTP server attempts to deliver mail, the server will attempt to deliver the mail to the matching A record.
In addition to the standard RDATA containing the location of mail servers, MX records also have a priority. The MX priority determines the order of mail servers to which mail delivery should be attempted. The mail server which has the lowest MX level should be the first target for delivery. For example, if you have MX records with levels 10, 20, and 30, servers should try to deliver the mail to the MX record with level of 10 and then to the others if delivery to the first fails.
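The CNAME and MX rules above can be checked mechanically. The following is an added example, not DNSimple's code: the zone data is constructed, the `(name, type, rdata)` tuple format and the function names are assumptions made for illustration, and `@` stands for the zone apex.

```python
import ipaddress

# Constructed sample zone for the placeholder domain yourdomain.com.
# Each record is (owner name, type, rdata); "@" is the zone apex.
ZONE = [
    ("@", "NS", "ns1.example.net."),
    ("@", "SOA", "ns1.example.net. admin.example.net. 1 3600 600 86400 300"),
    ("@", "CNAME", "host.example.net."),          # invalid: apex already has NS/SOA
    ("@", "MX", "20 backup.yourdomain.com."),
    ("@", "MX", "10 mail.yourdomain.com."),
    ("@", "MX", "30 192.0.2.25"),                 # invalid: MX target is an IP
    ("www", "CNAME", "yourdomain.com."),
    ("blog", "CNAME", "yourdomain.com."),
    ("blog", "TXT", "verification=constructed"),  # invalid: shares name with CNAME
]

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def lint_zone(records):
    """Return (name, problem) pairs for the CNAME and MX rules described above."""
    problems = []
    by_name = {}
    for name, rtype, _ in records:
        by_name.setdefault(name, []).append(rtype)
    # A CNAME must be the only record at its name (so it can never sit at the apex).
    for name, types in by_name.items():
        if "CNAME" in types and len(types) > 1:
            problems.append((name, "CNAME coexists with other records"))
    # An MX target must be a host name, never an IP address.
    for name, rtype, rdata in records:
        if rtype == "MX" and is_ip(rdata.split()[1]):
            problems.append((name, "MX target is an IP address"))
    return problems

def mx_delivery_order(records, name="@"):
    """Targets to try in order: lowest MX priority value first."""
    mx = [r.split() for n, t, r in records if n == name and t == "MX"]
    ordered = [host for _, host in sorted(mx, key=lambda p: int(p[0]))]
    return ordered or [name]  # no MX at all: fall back to the name's own A record

if __name__ == "__main__":
    for name, problem in lint_zone(ZONE):
        print(f"{name}: {problem}")
    print(mx_delivery_order(ZONE))
```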
An NS record identifies which DNS server is authoritative for a particular zone. The "NS" stands for "name server". NS records that do not exist on the apex of a domain are primarily used for splitting up the management of records on sub-domains.
The benefit of having multiple NS records on the apex zone is additional redundancy of DNS service. In order to get the most redundancy out of the NS records, they should be hosted on different network segments. If the NS records are not hosted on different network segments and the network goes down, your DNS will go down with it.
It is worth noting that the NS records set on a particular name server are different from the delegation for a domain set with the registry of the domain.
The SOA or Start of Authority record for a domain stores information about the name of the server that supplies the data for the zone, the administrator of the zone and the current version of the data. It also provides information about the number of seconds a secondary name server should wait before checking for updates or before retrying a failed zone transfer.
A TXT record allows domain administrators to insert any text into the DNS record. It is usually used to denote facts about the domain. A TXT entry was originally intended for human-readable text, but these records are dynamic and can be used for many purposes.
These records are not used to direct any traffic, but to provide information to outside sources. For example, TXT records are used by email systems to identify if an email is coming from a trusted source (via an SPF record). Another common use is "ownership verification". If you want to use a service like Google Webmaster Tools, one method of verifying ownership is to add a TXT record to the domain with a randomly generated string. Google then checks that the record has the proper value and confirms your control over the domain.