DNS Records

DNS records are the entries in zone files stored on DNS servers; they map domain names to IP addresses and other resources. A zone file can contain many lines, and each line is one Resource Record (RR) of a particular type. There are over 30 types of DNS records, such as:

Start of Authority (SOA)

Start of Authority (SOA) is the first record in any DNS zone file and marks the authoritative DNS server for the domain. It contains important metadata like:

  • The primary DNS server.

  • Contact details of the domain administrator.

  • Domain serial number for tracking changes.

  • Refresh interval for how often secondary servers check for updates.

A DNS Zone represents a part of the DNS namespace that a specific DNS server controls, and it contains all the resource records for the domains within it. DNS Skeleton refers to the structure of these zone files, starting with the SOA and including other necessary records for proper resolution.

Example of an SOA record in a DNS Zone File:

example.com. IN SOA ns1.example.com. admin.example.com. (
  2023091401 ; Serial
  3600       ; Refresh
  1800       ; Retry
  1209600    ; Expire
  86400 )    ; Minimum TTL

This defines the authoritative server and various timing settings for DNS queries.

Structure

DNS Zone File Structure consists of various Resource Records (RR), each serving specific purposes. These files help DNS servers map domain names to IP addresses, mail servers, aliases, and more. The records in a zone file are usually categorized by their types, such as A, MX, CNAME, TXT, and SOA.

Here's an example of a basic DNS Zone File for the domain example.com:

$TTL 86400
@   IN  SOA ns1.example.com. admin.example.com. (
        2023091401  ; Serial number
        3600        ; Refresh
        1800        ; Retry
        1209600     ; Expire
        86400       ; Minimum TTL
)
    IN  NS  ns1.example.com.
    IN  NS  ns2.example.com.

@   IN  A   192.168.1.1
www IN  A   192.168.1.1
@   IN  MX  10 mail.example.com.   ; mail for example.com itself (an owner of "mail" would set mail for mail.example.com)
mail IN  A   192.168.1.1           ; the MX target needs an address record of its own

Resource Records Explanation

$TTL 86400: Default Time-To-Live (TTL) for all records in the zone, which tells caching servers how long to store the records.

IN SOA (Start of Authority): Defines the authoritative DNS server for the domain. The IN refers to the "Internet" class.

  • ns1.example.com.: Primary DNS server for example.com.

  • admin.example.com.: Email address of the administrator; the first dot stands in for the @ sign, so it reads as admin@example.com.

IN NS: Specifies the authoritative name servers for the domain. ns1.example.com. and ns2.example.com. are the DNS servers for example.com. The blank owner column on these two lines means they inherit the owner of the previous record, @.

IN A: Maps domain names to IP addresses. @ (root domain) and www.example.com both point to 192.168.1.1.

IN MX: Defines the mail server for handling emails for the domain. mail.example.com. is the mail server, with a priority of 10 (lower numbers indicate higher priority).

Key SOA Parameters

  • Serial number (2023091401): A version number for the zone file. It's incremented with each update to ensure secondary DNS servers can detect changes.

  • Refresh (3600 seconds): How often secondary servers should check for updates.

  • Retry (1800 seconds): How long to wait before retrying if a refresh attempt fails.

  • Expire (1209600 seconds): How long secondary servers should consider the data valid if they can't reach the primary server.

  • Minimum TTL (86400 seconds): The duration for caching negative responses (like "domain not found").

This structure ensures proper DNS functioning, from name resolution to email routing, while caching rules optimize performance.

IN

IN stands for "Internet" and is the most commonly used class in DNS records. It specifies that the resource record is associated with the Internet class of networks, as opposed to other classes like CH (CHAOS) or HS (Hesiod), which are rarely used today. When you see IN in a DNS zone file (e.g., IN A, IN SOA), it indicates that the record is valid for the Internet namespace, which is the default class for most DNS entries.

Historical Structure

CHAOS (CH) and Hesiod (HS) are alternative DNS classes, though they are rarely used today:

  • CHAOS (CH): Originally used for the CHAOSnet networking system, which was an early local area network (LAN) developed at MIT in the 1970s. Today, it's sometimes used in special DNS queries, like querying the version of a DNS server (e.g., dig @dns-server version.bind CHAOS TXT).

  • Hesiod (HS): Developed as part of MIT's Project Athena, it is used for looking up information like usernames and other network-related data stored in a DNS-like system. It maps user accounts, groups, and other info to DNS records, but it’s mostly obsolete today.

Both classes serve specific historical or niche purposes outside the mainstream IN (Internet) class.

Records

  • A Record: Maps a domain or hostname to an IPv4 address (e.g., example.com → 192.168.1.1).

  • AAAA Record: Maps a domain or hostname to an IPv6 address (e.g., example.com → 2001:db8::1).

  • NS Record: Specifies the authoritative nameserver for a domain (e.g., ns1.example.com).

  • MX Record: Defines the mail server responsible for receiving emails for a domain.

  • CNAME Record: Creates an alias for another domain (e.g., www.example.com → example.com).

  • TXT Record: Stores text data associated with the domain, often used for verification or additional information (e.g., SPF records for email).

  • HINFO Record: Provides hardware and OS information about a host.

  • SOA Record: The Start of Authority, indicating the primary DNS server and admin information for the domain.

  • SRV Record: Specifies a service location (like for VoIP or other services), including port and priority.

  • PTR Record: Resolves an IP address to a domain name (reverse DNS).

$TTL 86400            ; Time-To-Live for all records (in seconds)

; SOA Record (Start of Authority)
@   IN  SOA ns1.example.com. admin.example.com. (
        2023091401  ; Serial number
        3600        ; Refresh interval
        1800        ; Retry interval
        1209600     ; Expire time
        86400 )     ; Minimum TTL

; NS Records - Name Servers
    IN  NS  ns1.example.com.    ; Primary nameserver
    IN  NS  ns2.example.com.    ; Secondary nameserver

; A Record - IPv4 address mapping for example.com
@   IN  A   192.168.1.1        ; Root domain (example.com) to IPv4

; AAAA Record - IPv6 address mapping for example.com
@   IN  AAAA 2001:db8::1       ; Root domain to IPv6

; CNAME Record - Alias for www.example.com
www IN  CNAME example.com.     ; www.example.com is an alias for example.com

; MX Record - Mail Server for the domain
@   IN  MX  10 mail.example.com. ; Mail server for example.com
mail IN  A   192.168.1.1        ; Address of the MX target (an MX must name a host with an A/AAAA record, not a CNAME)

; TXT Record - Text record for SPF verification
@   IN  TXT "v=spf1 include:mail.example.com ~all" ; SPF record for email validation

; HINFO Record - Host Information (CPU and OS type)
@   IN  HINFO "Intel Xeon" "Linux" ; Host information for example.com

; SRV Record - Service Record (for SIP service in this case)
_sip._tcp IN SRV 10 5 5060 sipserver.example.com. ; SIP service: priority 10, weight 5, port 5060
sipserver IN A   192.168.1.1    ; Address of the SRV target

; PTR Record - Reverse DNS for 192.168.1.1
; Shown here for illustration only: its owner lies outside example.com, so it belongs in the
; reverse zone 1.168.192.in-addr.arpa rather than in this forward zone file.
1.1.168.192.in-addr.arpa. IN PTR example.com. ; Reverse mapping of IP to domain

In this file:

  • SOA Record: Contains the domain's main authority information.

  • NS Records: Lists the primary and secondary DNS servers for the domain.

  • A Record: Maps example.com to an IPv4 address (192.168.1.1).

  • AAAA Record: Maps example.com to an IPv6 address (2001:db8::1).

  • CNAME Record: Creates an alias from www.example.com to example.com.

  • MX Record: Defines the mail server (mail.example.com) for handling emails for the domain.

  • TXT Record: Stores a text entry for SPF email verification.

  • HINFO Record: Specifies the hardware (Intel Xeon) and operating system (Linux) information of the host.

  • SRV Record: Indicates a service, such as a SIP server for VoIP on port 5060.

  • PTR Record: Maps the IP address 192.168.1.1 back to example.com for reverse DNS lookup.
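To make the zone file conventions used in the Structure and Records sections concrete (the @ owner, relative names, the inherited owner on the NS lines, the parenthesised multi-line SOA), here is an added example that is not from the original page: a small parser for this format plus a linter for two hygiene problems a reviewer looks for, owners that do not belong in the zone (the PTR line above belongs in the reverse zone) and NS/MX/SRV targets inside the zone that have no address record. The sample zone is constructed from the page's example; an A record for ns1 is assumed.

```python
# Constructed sample adapted from the page's zone file. An A record for ns1 was added
# so the NS target resolves; the MX, SRV and PTR lines are there for the linter to flag.
ZONE = """@   IN  SOA ns1.example.com. admin.example.com. (
        2023091401 3600 1800 1209600 86400 )   ; serial refresh retry expire minimum
    IN  NS  ns1.example.com.
@   IN  A   192.168.1.1
ns1 IN  A   192.168.1.2
@   IN  MX  10 mail.example.com.
_sip._tcp IN SRV 10 5 5060 sipserver.example.com.
1.1.168.192.in-addr.arpa. IN PTR example.com.
"""

def fqdn(name, origin):
    # '@' means the zone origin; a name without a trailing dot is relative to it.
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    # Returns [(absolute owner, rtype, rdata tokens), ...] in file order.
    records, owner, buf, depth, inherits = [], "@", [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # ';' starts a comment
        if not line.strip():
            continue
        if depth == 0:                                 # first line of a record: a
            inherits = line[0].isspace()               # leading blank reuses the owner
        buf.append(line)
        depth += line.count("(") - line.count(")")     # '(' lets a record span lines
        if depth > 0:
            continue
        tokens = " ".join(buf).replace("(", " ").replace(")", " ").split()
        buf = []
        if not inherits:
            owner = tokens.pop(0)
        if tokens[0] == "IN":                          # class is optional in the file
            tokens.pop(0)
        records.append((fqdn(owner, origin), tokens[0], tokens[1:]))
    return records

def lint_zone(text, origin):
    records = parse_zone(text, origin)
    in_zone = lambda n: n == origin or n.endswith("." + origin)
    addressed = {o for o, t, _ in records if t in ("A", "AAAA")}   # names with an address
    problems = [f"{o} {t}: owner outside zone {origin}" for o, t, _ in records if not in_zone(o)]
    hostname_at = {"NS": 0, "MX": 1, "SRV": 3}         # index of the target name in rdata
    for owner, rtype, rdata in records:
        if rtype in hostname_at:
            target = fqdn(rdata[hostname_at[rtype]], origin)
            if in_zone(target) and target not in addressed:
                problems.append(f"{owner} {rtype}: target {target} has no A/AAAA record")
    return problems
```

Running lint_zone(ZONE, "example.com.") reports the out-of-zone PTR owner and the two dangling targets (mail and sipserver); targets outside the zone are left alone because their addresses live in another zone.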

Name Server

A Name Server is a specialized server that helps resolve domain names into IP addresses and vice versa. It plays a critical role in the Domain Name System (DNS), which is like the internet's phonebook. When you enter a domain name (e.g., example.com) into your browser, the name server is responsible for finding the corresponding IP address (e.g., 192.168.1.1) so that your device can communicate with the correct web server.

Key Functions of a Name Server

  1. Domain Name Resolution: It translates domain names into machine-readable IP addresses, enabling users to access websites without needing to remember numerical addresses.

  2. Storing DNS Records: A name server stores various types of DNS records (e.g., A, AAAA, MX, CNAME), each of which provides different information about a domain.

  3. Authoritative vs. Recursive:

    • Authoritative Name Servers: These contain DNS records for a specific domain. They have the final say in resolving a domain name because they host the records (like A, MX, and NS records) that correspond to that domain.

    • Recursive Name Servers: These servers query other DNS servers on behalf of the client. They don’t hold authoritative records but instead fetch the data by querying other servers in the DNS hierarchy, often caching the results for faster future responses.

How Name Servers Work

When a user tries to visit example.com, the following process occurs:

  1. The browser contacts a recursive name server (often provided by the ISP or a public DNS server like Google DNS or Cloudflare DNS).

  2. If the recursive name server doesn't have the result cached, it queries the root name servers.

  3. The root servers direct the query to the TLD (Top-Level Domain) name server (e.g., for .com).

  4. The TLD name server directs the query to the authoritative name server for example.com.

  5. The authoritative name server returns the corresponding IP address to the recursive server, which then passes it back to the user's browser.
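The five steps above, as an added example that is not from the original page: a toy root, .com TLD and authoritative server are constructed as dictionaries (the hostnames and IP come from the page's example; the 300-second TTL is assumed), and a small recursive resolver walks the referral chain, caches the answer for its TTL, and stops after a bounded number of referrals so that a broken delegation cannot loop forever.

```python
import time

# Constructed toy hierarchy standing in for the root, the .com TLD and the
# authoritative server for example.com (names and IP from the page's example).
SERVERS = {
    "ROOT":         {"delegations": {"com.": "TLD_COM"}, "records": {}},
    "TLD_COM":      {"delegations": {"example.com.": "AUTH_EXAMPLE"}, "records": {}},
    "AUTH_EXAMPLE": {"delegations": {},
                     "records": {"example.com.": ("192.168.1.1", 300),      # (ip, ttl)
                                 "www.example.com.": ("192.168.1.1", 300)}},
}

def ask(server, qname):
    # An exact record match is an answer; otherwise the server refers the client to the
    # child zone that contains the name; otherwise the name is unknown to this server.
    s = SERVERS[server]
    if qname in s["records"]:
        return ("answer",) + s["records"][qname]
    for zone, child in s["delegations"].items():
        if qname == zone or qname.endswith("." + zone):
            return ("referral", child)
    return ("nxdomain",)

class RecursiveResolver:
    def __init__(self, clock=time.time):
        self.cache = {}          # qname -> (ip, absolute expiry time)
        self.clock = clock       # injectable so TTL expiry can be tested

    def resolve(self, qname):
        # Returns (ip or None, trace); the trace mirrors the page's steps 1-5.
        now = self.clock()
        if qname in self.cache and self.cache[qname][1] > now:
            return self.cache[qname][0], ["cache hit"]
        trace, server = [], "ROOT"
        for _ in range(8):       # hop limit: a broken delegation must not loop forever
            reply = ask(server, qname)
            trace.append(f"asked {server}: {reply[0]}")
            if reply[0] == "referral":
                server = reply[1]
            elif reply[0] == "answer":
                ip, ttl = reply[1], reply[2]
                self.cache[qname] = (ip, now + ttl)   # honour the record's TTL
                return ip, trace
            else:
                return None, trace
        return None, trace + ["gave up: too many referrals"]
```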
