DNS records are a collection of entries that map a domain name to an IP address. They are stored on DNS servers. Although DNS servers initially held only a name-to-IP-address mapping, they have evolved to store several other kinds of information about a domain. Every record has a TTL (time to live), which indicates how long the record is cached in the DNS server.
For a website to be reachable, a DNS server must store several mandatory records about that website, along with multiple optional ones. This article explains the most common DNS records.
The A record
The A record is the most fundamental DNS record. It provides the IPv4 address of a given domain name, and is the record that maps a name to an IP address. The browser automatically fetches this record by sending a query to a DNS server.
example.com IN A 192.168.1.42
A records are also used for DNSBLs (DNS blackhole lists). Mail servers use these to block known mail spammers.
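How a mail server turns a connecting IPv4 address into a DNSBL lookup and reads the A record that comes back, as an added example that is not part of the original article. The zone name `dnsbl.example` and the sample answers are constructed; the reversed-octet query name and the 127.0.0.0/8 return codes follow the usual DNSBL convention (RFC 5782).

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # conventional DNSBL return range

def dnsbl_query_name(ip, zone):
    """Build the name to look up: reversed IPv4 octets followed by the DNSBL zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}.{zone.strip('.')}"

def system_lookup(name):
    """A records for name via the system resolver; [] if the lookup fails.
    A failed lookup is treated as 'not listed', so resolver outages fail open."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_dnsbl(ip, zone, lookup=system_lookup):
    """Return (listed, return_codes) for ip in the given DNSBL zone."""
    answers = lookup(dnsbl_query_name(ip, zone))
    # Only answers inside 127.0.0.0/8 count as a listing. A parked or
    # wildcarded zone that answers with a public address must not block mail.
    codes = [a for a in answers if ipaddress.ip_address(a) in LISTED_NET]
    return bool(codes), codes

# Constructed answers standing in for the hypothetical zone "dnsbl.example".
SAMPLE_ANSWERS = {
    "99.2.0.192.dnsbl.example": ["127.0.0.2"],      # listed sender
    "7.113.0.203.dnsbl.example": ["198.51.100.9"],  # wildcard answer, not a listing
}

def sample_lookup(name):
    return SAMPLE_ANSWERS.get(name, [])

if __name__ == "__main__":
    for sender in ("192.0.2.99", "203.0.113.7", "198.51.100.1"):
        print(sender, check_dnsbl(sender, "dnsbl.example", sample_lookup))
```
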
Typically there is only one A record for a single domain name, but in some cases there can be many. This allows load balancing across servers. For example, Route53 in AWS has several multi-region load balancing options based on health, weight, round-robin, etc. Refer here for more info.
The default TTL of an A record is 14400 seconds, or 4 hours.
The AAAA record
DNS AAAA records match a domain name to an IPv6 address. They are exactly like DNS A records, except that they store a domain's IPv6 address instead of its IPv4 address.
IPv6 is a longer form of IP address created to address the limitations of IPv4. An IPv6 address is 128 bits, whereas an IPv4 address is 32 bits. This radically increases the number of possible addresses.
Except for this change, everything else is the same as for the A record.
The CNAME record
The CNAME, or Canonical Name, record is used to indicate that a subdomain is an alias of another domain. All CNAME records must point to a domain, never to an IP address.
Many websites have subdomains such as www.google.com, m.google.com, etc. A CNAME record points each of these at the domain that holds the A record (google.com), so the client can fetch the actual IP address. Once the actual IP address is obtained, the URL is still processed as is: if shop.amazon.com is the URL, it will have a CNAME to amazon.com, and after the actual IP is learned from the A record, the request is still handled as shop.amazon.com by the server.
A CNAME record can also point to another CNAME record, but this is mostly inefficient because it requires two hops to reach the IP address.
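The CNAME-to-A resolution described above, as an added example that is not part of the original article. It follows a chain over constructed records written in the article's `name IN TYPE value` form, counts the hops, and rejects the two broken cases a zone audit should catch: a CNAME that points to an IP address and a CNAME loop. The function names and the `max_hops` limit are assumptions of this example.

```python
import ipaddress

# Constructed sample records in the "name IN TYPE value" form used above.
ZONE_TEXT = """
example.com.       IN A     192.168.1.42
shop.example.com.  IN CNAME example.com.
m.example.com.     IN CNAME shop.example.com.
loop1.example.com. IN CNAME loop2.example.com.
loop2.example.com. IN CNAME loop1.example.com.
bad.example.com.   IN CNAME 192.168.1.42
"""

def parse_zone(text):
    """Return {(name, type): [values]} from 'name IN TYPE value' lines."""
    records = {}
    for line in text.strip().splitlines():
        name, _cls, rtype, value = line.split()
        key = (name.rstrip(".").lower(), rtype.upper())
        records.setdefault(key, []).append(value.rstrip(".").lower())
    return records

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def resolve(name, records, max_hops=8):
    """Follow CNAMEs from name to its A records; return (addresses, chain)."""
    chain = [name.rstrip(".").lower()]
    while True:
        current = chain[-1]
        if (current, "A") in records:
            return records[(current, "A")], chain
        targets = records.get((current, "CNAME"))
        if not targets:
            raise LookupError(f"no A or CNAME record for {current}")
        target = targets[0]
        if is_ip(target):  # a CNAME must name a domain, never an IP address
            raise ValueError(f"CNAME for {current} points to an IP: {target}")
        if target in chain:
            raise ValueError("CNAME loop: " + " -> ".join(chain + [target]))
        if len(chain) > max_hops:
            raise ValueError(f"more than {max_hops} CNAME hops from {chain[0]}")
        chain.append(target)

RECORDS = parse_zone(ZONE_TEXT)
```

Calling `resolve("m.example.com", RECORDS)` returns the address together with the three-name chain, which makes the two-hop cost of a CNAME pointing at another CNAME visible.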
Some cloud providers have a similar concept under a different name. For example, AWS Route53 has an Alias record, which is similar to a CNAME record, but an Alias record can point to specific AWS resources like an S3 bucket, ELB, API Gateway, CloudFront, etc.
The MX record
A DNS 'mail exchange' (MX) record directs email to a mail server. It provides information on how to route emails following the SMTP protocol.
a.example.com. IN MX mailhost1.example.com
MX records must always point to a domain name.
Why exactly is an MX record needed?
Similar to how an A record provides information about the IP address, an MX record provides information about the mail server. This query is performed by a Mail Transfer Agent (MTA). The MTA then establishes connections to those servers via the SMTP protocol.
If you are setting up a custom email domain using a provider like Google Workspace for example, then you must configure the MX record and point it to Google’s mail servers.
The TXT record
The TXT record allows a domain administrator to place text notes.
a.example.com. IN TXT hello
Most DNS providers place a limit on the number of characters that can go into a TXT record, so it cannot store large values. AWS Route53 has a limit of 255 characters.
One of the main uses of a TXT record these days is domain ownership verification. This comes into play in several places. Examples:
- You registered a domain with a domain registrar and now you wish to host a web application on that domain using another hosting service (like https://vercel.com/). You first have to verify ownership via a TXT record.
- If you are managing SEO for a website (for example with https://search.google.com/search-console), you first have to confirm it is your site using a TXT record.
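The service side of TXT-based ownership verification, as an added example that is not part of the original article and not any provider's actual scheme. It assumes a token derived with HMAC from the account and domain, a hypothetical `example-site-verification=` prefix, and constructed record data; it also shows a value being carried as strings of at most 255 bytes, the limit mentioned above.

```python
import hashlib
import hmac

MAX_TXT_STRING = 255  # one TXT character-string holds at most 255 bytes
PREFIX = "example-site-verification="  # hypothetical label, not a real provider's

def issue_token(secret, account_id, domain):
    """Token the owner is asked to publish; bound to one account and one domain."""
    msg = f"{account_id}|{domain.lower().rstrip('.')}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()

def split_txt(value):
    """Split a value into the <=255-byte strings a TXT record can carry."""
    data = value.encode()
    return [data[i:i + MAX_TXT_STRING] for i in range(0, len(data), MAX_TXT_STRING)]

def is_verified(txt_records, secret, account_id, domain):
    """txt_records: one list of byte strings per TXT record found at the domain."""
    expected = (PREFIX + issue_token(secret, account_id, domain)).encode()
    for strings in txt_records:
        joined = b"".join(strings)  # strings of one record are concatenated
        if hmac.compare_digest(joined, expected):  # constant-time comparison
            return True
    return False  # unrelated TXT records (SPF, notes, ...) never match

# Constructed data: a server-side secret and the TXT records a lookup returned.
SECRET = b"constructed-demo-secret"
TOKEN = issue_token(SECRET, "acct-1", "example.com")
SAMPLE_TXT = [[b"v=spf1 -all"], split_txt(PREFIX + TOKEN)]

if __name__ == "__main__":
    print(is_verified(SAMPLE_TXT, SECRET, "acct-1", "example.com"))  # owner
    print(is_verified(SAMPLE_TXT, SECRET, "acct-2", "example.com"))  # other account
```

Binding the token to the account means a record published for one account cannot be reused by a different account to claim the same domain.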
The NS record
An NS record (name server record) is a DNS record that contains the name of the authoritative name server for a domain. In effect, it points to another DNS server that could contain your DNS records. This can also be considered a backup mechanism. For example,
a.example.com. IN NS c.example.com
c.example.com. IN A 192.168.1.2
If you have the above configuration and a client requests a.example.com (or any other subdomain, like b.example.com), it will be redirected to 192.168.1.2 to get the actual IP address.
A single domain can have multiple NS records for increased availability. Typically, there is one primary name server and multiple secondary name servers. Updating the primary name server will trigger an update of the secondary name servers as well.
The SOA record
The SOA (Start of Authority) record stores important information about a domain, such as the email address of the administrator, when the domain was last updated, and how long the server should wait between refreshes. All DNS zones need an SOA record in order to conform to IETF standards.
Follow up
Here is the list of all the other DNS records: https://en.wikipedia.org/wiki/List_of_DNS_record_types
Thanks for reading :-)