Use of DNS and Common DNS Record Types

In this blog we explain the use of DNS and Common DNS Record Types.

What is DNS?

The Domain Name System (or Service or Server) is an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they’re easier to remember. The Internet, however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.example.com might translate to 198.105.222.11.

The DNS system is, in fact, its own network. If one DNS server doesn’t know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.

The basics of creating A records (which translate a hostname to an IP address) are simple enough.

TTL (Time to Live) is a setting for each DNS record that specifies how long a resolver is supposed to cache (or remember) the DNS query before the query expires and a new one needs to be done.

The benefits of caching are pretty obvious: it’s a lot faster to check your local resolver’s cache than to look up a DNS record that isn’t already cached. This speeds up your Internet experience when visiting a site you go to often (since less time is needed to complete DNS lookups) and also helps lower the load on DNS servers around the world.

The Use of DNS

1. Domain Resolution:

DNS serves as the internet’s address book, translating user-friendly domain names (e.g., www.example.com) into IP addresses that computers use for communication.

2. Load Balancing:

DNS can distribute incoming traffic across multiple servers to achieve load balancing. This is commonly used to optimize resource utilization and enhance application performance.

3. Email Routing:

DNS is crucial for email delivery. It helps in routing emails by pointing the mail exchanger (MX) records to the correct mail server responsible for handling emails for a particular domain.

4. Security (DNSSEC):

DNS Security Extensions (DNSSEC) add an extra layer of security by providing a way to verify the authenticity of DNS responses, helping to mitigate various DNS-related attacks.

What happens when the DNS record changes?

This is where the potential downside of caching becomes evident. If a DNS record is cached, then a new lookup is not done until that cache expires. Thus a resolver that has the cached record won’t have any way to find out about the changed record until its cache expires.

When you hear someone mention they are waiting for DNS to propagate, they are waiting for cached DNS records to expire at all of the different resolvers that previously looked them up. If you have a 1-day TTL on a record, it would take a full day for any change to propagate around the world.

When specifying Time To Live (TTL) you should be aware of the following important factors:

•    The higher the TTL, the less frequently caching name servers need to query authoritative name servers. A higher TTL reduces the perceived latency of a site and decreases the dependency on the authoritative name servers.
•    The lower the TTL, the more frequently updates are propagated to other name servers.

If you’re going to make DNS changes, we suggest lowering the TTL before making the changes. If you’re using DNS for failover, then lowering the TTL is a good idea as it takes less time to fail over to another server.

Generally, we recommend a TTL of 24 hours (86,400 seconds). However, if you are planning to make DNS changes, you should lower the TTL to 5 minutes (300 seconds) at least 24 hours in advance of making the changes. After the changes are made, increase the TTL back to 24 hours.
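The effect of lowering the TTL ahead of a change can be simulated with a small caching resolver. The following is an added example, not part of the original article; the record name, the addresses (documentation ranges) and the 60-second polling interval are constructed for illustration.

```python
from dataclasses import dataclass

DAY, FIVE_MIN = 86_400, 300
NAME = "www.example.com"
OLD_IP, NEW_IP = "192.0.2.10", "192.0.2.20"  # constructed documentation addresses

@dataclass
class Record:
    value: str
    ttl: int  # seconds

class CachingResolver:
    """Answers from cache until the TTL expires, then asks the zone again."""
    def __init__(self, zone):
        self.zone = zone      # authoritative data: name -> Record
        self.cache = {}       # name -> (value, expires_at)

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]     # cached answer; a changed record is not seen
        rec = self.zone[name]
        self.cache[name] = (rec.value, now + rec.ttl)
        return rec.value

def cutover_delay(lower_ttl_first, poll=60):
    """Seconds after the record change until a polling resolver returns NEW_IP."""
    zone = {NAME: Record(OLD_IP, DAY)}
    resolver = CachingResolver(zone)
    lower_at, change_at = DAY, 2 * DAY   # TTL lowered 24 hours before the change
    t = DAY - poll                       # worst case: cached just before lowering
    while True:                          # poll must divide DAY so t hits both events
        if lower_ttl_first and t == lower_at:
            zone[NAME].ttl = FIVE_MIN
        if t == change_at:
            zone[NAME].value = NEW_IP
        if resolver.resolve(NAME, t) == NEW_IP:
            return t - change_at
        t += poll

if __name__ == "__main__":
    print("TTL lowered first:", cutover_delay(True), "seconds stale")
    print("TTL left at 24 h: ", cutover_delay(False), "seconds stale")
```

In this simulation the resolver picks up the new address 240 seconds after the change when the TTL was lowered first, and 86,340 seconds after it when the TTL was left at 24 hours.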

If DNS is used for failover, then you should probably keep the TTL at approximately 5 minutes all the time.

Common DNS Record Types

A (Address) Record:

Associates a domain with an IPv4 address. For example, www.example.com might point to 192.168.1.1.

Usually a 1 hour TTL is a good compromise between enabling fast changes and taking advantage of DNS caching while someone is visiting your site. If changes to this record are frequent or need to happen quickly in an emergency, you can usually set it as low as 30 seconds.

AAAA (IPv6 Address) Record:

Similar to the A record but associates a domain with an IPv6 address. This is essential as the internet transitions to IPv6.

CNAME (Canonical Name) Record:

Creates an alias for a domain. For instance, blog.example.com might be a CNAME for www.example.com. In many cases, a CNAME record will never be modified (e.g., pointing www.example.com to example.com’s A record). In those scenarios, a 12 hour to 1 day TTL is a good compromise as the benefits of caching outweigh the need for a faster propagation time. If your CNAME record could potentially change (such as if you are using a CDN), you will want to have a lower TTL.

MX (Mail Exchanger) Record:

Specifies the mail servers responsible for receiving emails on behalf of the domain. MX records rarely, if ever, change, especially if you are using an email provider with a good track record or you have lots of redundancy when self-hosting. You can usually set this to a 12 hour or 1 day TTL. If you want to ensure faster propagation times in the event of an emergency, a 1 to 4 hour TTL is a good compromise.

TXT (Text) Record:

Holds human-readable information and is often used for domain verification, SPF records for email, and other purposes. It is most commonly used for SPF or DKIM records. It is usually safe to set the TTL in the 1 hour to 12 hour range since these records rarely change. In the end, keep in mind that the TTL you set should be one you are comfortable with. It is all about striking a reasonable balance between a fast propagation time and taking advantage of DNS caching.

NS (Name Server) Record:

Specifies authoritative DNS servers for the domain.

PTR (Pointer) Record:

Used for reverse DNS lookups, associating an IP address with a domain name.

SOA (Start of Authority) Record:

Contains administrative information about the domain, such as the primary DNS server, the email of the domain administrator, the domain’s serial number, and timers.
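To check a zone against the TTL ranges suggested above for A, CNAME, MX and TXT records, a short script can parse the records and flag outliers for review. This is an added example, not from the original article; the sample zone is constructed, the minimum and maximum bounds are one reading of the article's suggestions, and the parser assumes one record per line with an explicit owner name and TTLs in plain seconds.

```python
import re

# One reading of this article's suggestions, as (min, max) TTL in seconds.
SUGGESTED = {
    "A": (30, 3600),          # usually 1 hour, as low as 30 seconds
    "CNAME": (43200, 86400),  # 12 hours to 1 day when the target is stable
    "MX": (3600, 86400),      # 12 hours or 1 day; 1 to 4 hours for emergencies
    "TXT": (3600, 43200),     # 1 hour to 12 hours
}

ZONE = """\
$TTL 86400
; constructed sample records for example.com
www            3600   IN A     192.0.2.10
api            5      IN A     192.0.2.11
blog                  IN CNAME www.example.com.
cdn            300    IN CNAME edge.cdn.example.net.   ; CDN target, may change
@              604800 IN MX    10 mail.example.com.
sel._domainkey 3600   IN TXT   "v=DKIM1; k=rsa; p=CONSTRUCTED"
"""

def parse_zone(text):
    """Yield (name, ttl, rtype, rdata) for each record line."""
    default_ttl = None
    for raw in text.splitlines():
        # Remove ';' comments, but keep semicolons inside quoted TXT data.
        line = re.sub(r'("[^"]*")|;.*', lambda m: m.group(1) or "", raw).strip()
        if not line:
            continue
        fields = line.split()
        if fields[0].upper() == "$TTL":
            default_ttl = int(fields[1])   # applies to records without a TTL
            continue
        name, rest = fields[0], fields[1:]
        ttl = int(rest.pop(0)) if rest[0].isdigit() else default_ttl
        if rest[0].upper() == "IN":
            rest.pop(0)                    # the class field is optional
        yield name, ttl, rest[0].upper(), " ".join(rest[1:])

def audit(text):
    """Return (name, type, ttl, 'below'|'above') for TTLs outside the range."""
    findings = []
    for name, ttl, rtype, _ in parse_zone(text):
        low, high = SUGGESTED.get(rtype, (0, float("inf")))
        if ttl < low or ttl > high:
            findings.append((name, rtype, ttl, "below" if ttl < low else "above"))
    return findings
```

A finding is a prompt for review, not an error: the `cdn` CNAME is flagged as below the range, which is the expected setting when the target can change.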

Conclusion

DNS is a fundamental technology that plays a pivotal role in making the internet accessible and user-friendly. Understanding its use and the various record types allows for effective domain management, enhances security, and ensures the seamless operation of internet-related services. Mastering DNS is essential for anyone involved in web development, network administration, or online business.

FAQs About DNS and Common DNS Record Types:

Q1: What is DNS and why is it important?

A1: DNS, or Domain Name System, is a system that translates human-readable domain names into IP addresses. It is crucial for navigating the internet by providing a way to associate domain names with their corresponding IP addresses.

Q2: How does DNS work in simple terms?

A2: DNS works like a phonebook for the internet. When you enter a domain name in a browser, DNS translates it into the corresponding IP address, allowing your device to connect to the desired server.

Q3: What is the purpose of the A record in DNS?

A3: The A (Address) record associates a domain with an IPv4 address. It is used to map a domain name to the corresponding numerical IP address.

Q4: Why are AAAA records used in DNS?

A4: AAAA records serve the same purpose as A records but for IPv6 addresses. As the internet transitions to IPv6, AAAA records become crucial for associating domain names with IPv6 addresses.

Q5: What is the role of the MX record in DNS?

A5: The MX (Mail Exchanger) record specifies the mail servers responsible for receiving emails on behalf of the domain. It helps in routing emails to the correct mail server.

Q6: How does CNAME differ from A record in DNS?

A6: A CNAME (Canonical Name) record creates an alias for a domain and points it to another domain. In contrast, an A record directly associates a domain with an IP address.

Q7: What is the significance of the SOA record in DNS?

A7: The SOA (Start of Authority) record contains administrative information about the domain, including the primary DNS server, the email of the domain administrator, and important timers.

Q8: How does DNSSEC enhance DNS security?

A8: DNSSEC (DNS Security Extensions) adds a layer of security to DNS by providing a way to verify the authenticity of DNS responses. It helps prevent various DNS-related attacks, such as cache poisoning.

Q9: Can I create my own DNS records for a domain?

A9: Yes, domain owners typically have control over their DNS records. Through the domain registrar or DNS hosting provider, you can manage and create various DNS records to suit your needs.

Q10: How often should I update DNS records?

A10: DNS records should be updated whenever there are changes to your network infrastructure, such as changing servers, IP addresses, or mail servers. Regularly reviewing and updating DNS records is essential for optimal domain management.
