How does a DNS Records work?

The Domain Name System (DNS) ensures that users can enter a domain in the browser and arrive at their desired website. In fact, network participants primarily communicate via IP addresses. However, since these are rather unwieldy, you only need to enter the website name as this is automatically translated into the number sequence. How does this translation work?

What Are DNS Records?

When you enter an internet address in the browser, the system first has to look up which IP address belongs to this domain. This sometimes occurs even in the computer’s memory itself, often in the internet provider’s database or other DNS servers, and in cases of uncertainty, via one of the large root servers that monitor the entire Domain Name System as authority entities. In order to perform a name resolution, the DNS records, specifically the resource records, must be searched for in the DNS and/or name servers. Here, each IP address (known to the server) is assigned a domain name.

The DNS has a hierarchical and decentralized structure. At each level, there is a server that is responsible for its namespace. This means that in the search for www.example.com’s IP address, the root server only helps if it knows which server is responsible for the Top-Level Domain (TLD). In this way, the individual levels are run through in order to perform the name resolution. This means that the IP address of the actual web server or mail server resides solely with the host itself. For this reason, it is important for website operators to understand the concept of resource records.

How Do DNS Records Work?

DNS records are primarily located in zone files. With respect to DNS, a zone denotes an organizational area. It is possible for a domain to consist of a single zone. Extensive domains, however, are often divided into several zones. Each DNS server is responsible for a zone. If a client therefore wishes to activate a specific domain, it (or more specifically, the DNS server) has a look in the zone files for the appropriate records and forwards the request to a lower-level server until the final destination is reached.

DNS Record Syntax

Resource records are structured according to a simple system and coded in ASCII. There is a separate line for each DNS record. The records typically follow the following format:

<name> <ttl> <class> <type> <rdlength> <radata>

The discrete information is separated by a space and some kinds of information are only optional. In certain types of records, additional fields also appear. But what do the key record fields represent?

  • <name>: The domain name is the name that the user enters into their browser.
  • <ttl>: TTL stands for “time to live” and denotes the time (in seconds) that a record may be temporarily stored in the cache. After the time has lapsed, it cannot be ensured that the resource record is still current. This information is optional.
  • <class>: In theory, there are different classes of DNS records. In practice, however, the records always refer to the internet (marked as IN), which is why this information is also optional.
  • <type>: Different types of resource records appear in a zone file (for more on this, see below).
  • <rdlength>: This optional field specifies the size of the subsequent data field.
  • <rdata>: Resource data is the information according to which the domain name can be resolved (such as the IP address).

The DNS record for the example.com web server thus looks like this:

www.example.com. 12879 IN A 93.184.216.34

A client can store the record for 12,879 seconds (around three and a half hours) in the cache before the information must again be requested from the DNS server. It involves a DNS record on the internet (IN) and a type A record (A). The domain is resolved to an IP address.

Another notation is also possible:

$TTL 12879
$ORIGIN example.com.
www A 93.184.216.34

This notation illustrates that the computer with the name www is part of the example.com domain. This way, other computers such as mail or ftp can be placed under the origin domain.

Note

The domain name ends (or begins, because one goes from right to left) with a period. Fully Qualified Domain Names (FQDN) – in which the root label (though empty) also appears – are used in DNS records. It generally is situated after the period.

The Most Important DNS Record Types

A record type determines what kind of information is located in the record. In addition to the resolution of domain names according to IP addresses, DNS records have other functions as well.

A Record

The largest portion of name resolution on the internet takes place via the type A record. An IPv4 address is located in its data field. Through these records, it is possible for the internet user to enter a domain name in the browser and for the client to send an HTTP request to the appropriate IP address. Since an IPv4 address always has a size of 4 bytes, the value under rdlength – if specified – is always 4.

AAAA Record

An AAAA record, also known as “quad A”, functions exactly like the A record. However, it uses an IPv6 address instead of an IPv4 address to resolve the name. Because IPv6 has a length of 128 bits (16 bytes), the data field length is also predefined here. The AAAA designation is based on the fact that the data field has four times the length of an A record data field.

SOA Record

SOA stands for Start of Authority. The records for this type contain information on the zone that is organized by the zone file and/or the DNS server. This is important – among other scenarios – during a zone transfer. Here, zone files are mirrored to other servers in order to prevent failures. The zone transfer regulates the periodic distribution of the original file. In this kind of DNS record, a serial number is therefore also placed next to the mailing address of the responsible administrator. This increases with each file update.

CNAME Record

Under a CNAME record (canonical name record), one finds an alias – an additional name for a domain. Using this, the record refers to an existing A record or AAAA record. With this type, the rdata field is filled with a domain name that was previously linked with an IP address in the file. In this way, different addresses can refer to the same server.

MX Record

An MX record refers to a mail exchange or an SMTP email server. One or several email servers are defined here that belong to the relevant domain. When using several mail servers (for example, to offset a failure), they specify different priority levels. In this way, the DNS knows in which sequence the contact attempt should proceed.

PTR Record

The PTR record (pointer) is a DNS record that permits a reverse lookup. Through this technique, the DNS server can also provide information regarding which host names belong to a specific IP address. For every IP address that is used in A or AAAA records, there also exists a corresponding PTR record. At the same time, the IP address is structured in reverse sequence and is also provided with the name of a zone.

NS Record

In the NS record – a zone file’s name server record – the jurisdiction for a specific zone is clarified. For this reason, this record is mandatory for each zone file. This resource record gives the DNS server information on whether it is responsible for the request – thus requiring it to organize the relevant zone – and to whom it must forward the request.

TXT Record

The TXT record contains text that either is intended for human users as an information source or is machine-readable information. This DNS record gives an administrator the option of storing unstructured Text (in contrast to the structured data of the other DNS records). This could also include details about the company behind the domain.

SRV Record

Via the SRV record, a server can provide information about other services (SRV). For this purpose, the service, including the port at which it can be reached, is specified. In addition, the used protocol forms part of the name. Via the DNS record, a client can receive information on LDAP or XMPP services.

LOC Record

Through the LOC record, the location of the physical server can be disclosed. For this purpose, the latitude, longitude, height above sea level as well as an error deviation are given at the end of the record.

Tip

Learn more about "What is DNS propagation?" in our Digital Guide article on the topic.

Zone File

In the zone file (a type of simple text file), all of the DNS records are listed. In order for the data to be correctly processed, specific guidelines must be observed. Otherwise the DNS cannot function, and the client will receive the SERVFAIL error message. For this reason, it is necessary to adhere to a special structure: Initially the zone name is specified, and then, in many cases, the TTL. Adding the time information right here has the advantage that, in the individual resource records, the information can be omitted. The TTL is then valid globally for the entire zone.

$ORIGIN example.com.
$TTL 12879

The first DNS record is a SAO record. Without this, a zone file cannot function. Conversely, a zone file is then also valid only if the SOA record is available. After that, there are the first records for the name server, and then the A and AAAA records.

If comments are to be added within the file – for example, to make work easier for other administrators –semicolons should be used. This way, information is created about a DNS record without the server processing the text. You can insert empty lines to structure your records. These are also simply ignored by the system during the readout. One line is used per record; a line break finalizes the record. If you want to have a record run over several lines, however, you should then add brackets.

All DNS Record Types in Summary

In addition to those mentioned above, there are many other possible resource record types that can be found in the zone files – even if not all that often. The following table introduces all the types and provides some brief insight into their functions.

Note

The Internet Assigned Numbers Authority (IANA), which also has the allocation of IP addresses among its responsibilities, has assigned each DNS record type a value (like a kind of identification number).

Value Type Description
1 A Address specifies a host’s IPv4 address.
2 NS Nameserver clarifies the zone’s authority.
3 MD Mail Destination was replaced by the MX record (obsolete).
4 MF Mail Forwarder was replaced by the MX record (obsolete).
5 CNAME Canonical Name defines an alias.
6 SOA Start of Authority discloses details about the zone.
7 MB Mailbox Domain Name is experimental.
8 MG Mail Group Member is experimental.
9 MR Mail Rename Domain Name is experimental.
10 NULL Null Resource is experimental.
11 WKS Well Known Service was used for mail forwarding (now obsolete).
12 PTR Pointer is intended for reverse lookup.
13 HINFO Host Information supplies the host’s hardware and software details.
14 MINFO Mailbox Information is experimental.
15 MX Mail Exchange assigns email servers a domain.
16 TXT Text provides the option of entering additional texts.
17 RP Responsible Person provides information on the responsible person.
18 AFSDB AFS Database is specifically intended for AFS clients.
19 X25 X.25 PSDN Address provides details on encapsulation via X.25 (obsolete).
20 ISDN This record assigns the DNS name an ISDN number (obsolete).
21 RT Route Through Record provides route-through binding without a WAN address (obsolete).
22 NSAP This record enables assignment of domain names to Network Service Access Points (obsolete).
23 NSAP-PTR NSAP Pointer was replaced by PTR (obsolete).
24 SIG Signature was replaced by RRSIG (obsolete).
25 KEY Key was replaced by IPSECKEY (obsolete).
26 PX Pointer to X.400 specifies MIXER mapping regulations (obsolete).
27 GPOS Geographical Position was replaced by LOC (obsolete).
28 AAAA AAAA provides a host’s IPv6 address.
29 LOC Location contains location information.
30 NXT Next was replaced by NSEC (obsolete).
31 EID Endpoint Identifier is intended for Nimrod Routing Architecture (obsolete).
32 NIMLOC Nimrod Locator is intended for Nimrod Routing Architecture (obsolete).
33 SRV Service Locator provides information about other services.
34 ATMA ATM Address provides information when there are asynchronous transfer modes (obsolete).
35 NAPTR Naming Authority Pointer is an A record extension that permits the search pattern (regular expressions).
36 KX Key Exchanger enables key management for cryptography.
37 CERT Cert saves certificates.
38 A6 A6 was replaced by AAAA.
39 DNAME Delegation Name specifies the aliases for complete domains.
40 SINK Kitchen Sink enables the storage of various data (obsolete).
41 OPT Option is a pseudo-record when there is a DNS extension mechanism (EDNS).
42 APL Address Prefix List lists address areas in CIDR format.
43 DS Delegation Signer identifies DNSSEC-signed zones.
44 SSHFP SSH Public Key Fingerprint discloses the fingerprint for SSH keys.
45 IPSECKEY IPsec Key contains an IPsec key.
46 RRSIG RR Signature contains a digital signature for DNSSEC.
47 NSEC Next Secure threads signed zones in DNSSEC.
48 DNSKEY DNS Key contains a public key for DNSSEC.
49 DHCID DHCP Identifier links domain names with DHCP clients.
50 NSEC3 Next Secure 3 is an alternative to NSEC.
51 NSEC3PARAM This record contains Parameter for NSEC3.
52 TLSA This record issues an TLSA Certificate Association with a domain name pertaining to DANE.
53 SMIMEA This record issues a S/MIME Certificate Association with a domain name.
54 n/a Unassigned
55 HIP Host Identity Protocol separates endpoint markers and positioning functions from IP addresses.
56 NINFO NINFO provides information on the zone’s status (same structure as TXT; obsolete).
57 RKEY RKEY saves keys (same structure as KEY and DNSKEY; obsolete).
58 TALINK Trust Anchor Link connects two domain names (obsolete).
59 CDS Child DS is a child copy of a DS record.
60 CDNSKEY Child DNSKEY is a child copy of a DNSKEY record.
61 OPENPGPKEY OpenPGP Key discloses public keys.
62 CSYNC Child-to-Parent Synchronization enables the reconciliation of parent and child zones (obsolete).
63 ZONEMD Message Digest for DNS Zone is experimental (obsolete).
64–98 n/a Not assigned.
99 SPF Sender Policy Framework was replaced by the TXT record (obsolete).
100 UINFO Reserved.
101 UID Reserved.
102 GID Reserved.
103 UNSPEC Reserved.
104 NID NodeID is experimental.
105 L32 32-bit Locator is experimental.
106 L64 64-bit Locator is experimental.
107 LP Locator Pointer is experimental.
108 EUI48 48-bit Extended Unique Identifier encrypts addresses.
109 EUI64 64-bit Extended Unique Identifier encrypts addresses.
110–248 n/a Unassigned.
249 TKEY Transaction Key enables the exchange of secret keys.
250 TSIG Transaction Signature is used for authentication.
251 IXFR Incremental Zone Transfer enables zone file components to be updated on a second server (obsolete).
252 AXFR AFXR transfers a complete zone file to a second server (obsolete).
253 MAILB Mailbox queries records related to a mailbox (obsolete).
254 MAILA Mail Agent was replaced by MX-Record (obsolete).
255 * * requests all records (obsolete).
256 URI Uniform Resource Identifier discloses the mapping of host names to URIs.
257 CAA Certificate Authority Authorization specifies a domain’s possible CAs.
258 AVC Application Visibility and Control contains application metadata for DNS-AS (obsolete).
259 DOA DOA is no longer active (obsolete).
260 AMTRELAY Automatic Multicast Tunneling Relay enables the finding of AMT relays (obsolete).
261–32767 n/a Unassigned.
32768 TA DNSSEC Trust Authorities enables DNSSEC without signed root.
32769 DLV DNSSEC Lookaside Validation discloses trust anchors beyond the standard DNS chain.
32770–65279 n/a Unassigned.
65280–65534 n/a For private use.
65535 n/a Reserved.
Was this article helpful?
We use cookies on our website to provide you with the best possible user experience. By continuing to use our website or services, you agree to their use. More Information.
Page top