Welcome to an overview of DNS: its various components, record types, and functions!

What is DNS?

DNS is a hierarchical system that translates human-readable domain names into machine-readable IP addresses. It acts as a phonebook for the internet, allowing users to access online resources by their domain name instead of their IP address. This infrastructure is critical to the functioning of the internet and is used by every website, email service, and online application that you use.

Record Types

DNS records are the building blocks of DNS. Each record type serves a specific purpose and has its own function. Here are some of the most common record types:

A Records: A records map a domain name to an IP address. For example, the A record for google.com might map the domain name to the IP address 216.58.194.36.

CNAME Records: CNAME records specify a canonical (alternative) name for a subdomain. For example, a CNAME record for mail.google.com might declare that name an alias for smtp.gmail.com, so the resolver then looks up smtp.gmail.com to obtain the IP address. This can have a slight performance impact, because it requires two lookups from the DNS resolver. A special note about CNAME records on an apex domain: they are NOT supported for pointing apex records at another domain. Some vendors will allow you to enter such a record, but core internet servers tend to reject these records.

MX Records: MX records specify the mail server responsible for handling email for a particular domain. For example, the MX record for gmail.com might specify a mail server with a priority of 10, whose hostname then resolves to the IP address 216.58.194.36. Priority is used to direct traffic at specific servers: senders try the highest-priority server first and fall back to lower-priority servers if it is not reachable. This is one of those weird situations where the lower the number, the higher the priority.

NS Records: NS records specify the name servers responsible for a particular domain or subdomain. For example, the NS record for google.com might specify that the name servers ns1.google.com and ns2.google.com are responsible for the domain. The domain registrar where you purchased your domain will most likely host your NS records even if you decide to host your records with a third-party provider.

TXT Records: TXT records are used to store text information about a domain or subdomain. For example, the TXT record for google.com might store information about the domain’s registration and usage.

SRV Records: SRV records provide location-independent service discovery for applications that use the TCP protocol: the record names the host and port where a service can be found. For example, an SRV record for gmail.com might specify the host and port of the mail server, with that host resolving to the IP address 216.58.194.36.

ALIAS/ANAME Records: ALIAS/ANAME records create alternative names for a domain or subdomain, much like a CNAME. For example, an alias record for mail.google.com pointing at smtp.gmail.com would cause mail.google.com to resolve to smtp.gmail.com's IP address, 216.58.194.36. The special magic here is a feature called DNS flattening: the record you enter looks just like a CNAME record, but the provider returns an A record to caching/recursive servers. This is a nice solution when you need to point an apex record to another domain or service.
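To make the record-type behaviour above concrete, here is an added example (not from the original article) of a toy authoritative lookup over a constructed zone. It shows the extra lookups a CNAME chain costs, how an ALIAS at the apex is flattened into a plain A answer, MX preference ordering, and a check for the illegal CNAME-next-to-other-records case that bites people at the apex. All names and addresses are made up.

```python
# Added example, not from the original article: a toy authoritative lookup over a
# constructed zone (names and RFC 5737 addresses are made up). Shows CNAME chain
# cost, ALIAS flattening at the apex, MX preference ordering, and the
# CNAME-mixed-with-other-records case that DNS forbids (always true at an apex).

ZONE = {
    "example.com":      [("NS", "ns1.example.com"), ("MX", (10, "mx1.example.com")),
                         ("MX", (20, "mx2.example.com")), ("ALIAS", "www.example.net")],
    "mail.example.com": [("CNAME", "smtp.example.net")],
    "smtp.example.net": [("CNAME", "edge.example.net")],
    "edge.example.net": [("A", "192.0.2.10")],
    "www.example.net":  [("A", "192.0.2.20")],
    "bad.example.org":  [("NS", "ns1.example.org"), ("CNAME", "www.example.net")],
}

def resolve_a(name, zone=ZONE, max_hops=8):
    """Follow CNAME/ALIAS links until an A record; return (ip, lookups_made)."""
    seen, hops = set(), 0
    while name not in seen and hops < max_hops:
        seen.add(name)
        hops += 1
        rrs = zone.get(name, [])
        for rtype, value in rrs:
            if rtype == "A":
                return value, hops
        links = [v for t, v in rrs if t in ("CNAME", "ALIAS")]
        if not links:
            break
        name = links[0]
    return None, hops  # no such name, dangling chain, or CNAME loop

def answer(name, zone=ZONE):
    """What a caching resolver gets: a CNAME to chase itself, or an ALIAS flattened into an A."""
    rrs = zone.get(name, [])
    for rtype, value in rrs:
        if rtype == "CNAME":
            return ("CNAME", value)
        if rtype == "ALIAS":
            return ("A", resolve_a(value, zone)[0])
    a = [v for t, v in rrs if t == "A"]
    return ("A", a[0]) if a else None

def mx_order(domain, zone=ZONE):
    """Mail servers in the order a sender tries them: lowest preference number first."""
    return [host for _, host in sorted(v for t, v in zone.get(domain, []) if t == "MX")]

def invalid_cname_owners(zone=ZONE):
    """Names that mix a CNAME with other records, which the DNS specification forbids."""
    return sorted(n for n, rrs in zone.items()
                  if any(t == "CNAME" for t, _ in rrs) and len(rrs) > 1)
```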

TTL

TTL (Time To Live): TTL is a parameter that specifies how long a DNS record is cached by a DNS server before it is invalidated and refreshed from the authoritative source. A longer TTL means that the record will be cached for a longer period, reducing the number of queries to the authoritative name servers. This can decrease load on your DNS servers and lower costs if you use a provider that charges per query served, at the expense of changes taking longer to take effect.

Common Issues with DNS

Here are some common issues you might encounter when working with DNS:

DNS Propagation Delay: It can take several hours for DNS changes to propagate across all DNS servers worldwide. This can cause delays in mail delivery and other online services that rely on DNS resolution.

DNS Cache: Many devices, including routers and web browsers, cache DNS records to improve performance. This can cause issues if the cache is not properly updated, leading to stale or incorrect DNS resolutions. Some recursive DNS servers hold on to records much longer than the TTL, which further delays propagation.

Domain Name Expiration: Domain names have a limited lifespan and can expire if not renewed. This can lead to issues such as email delivery failures and website availability. Most vendors will give you a short grace period if you forget to renew your domain. There are some bad actors out there that will monitor for expired domains and purchase them. They will be more than happy to sell you your domain back at a profit. Don’t let your domains expire!

DNS Security Risks: DNS is vulnerable to security risks, including DNS cache poisoning and DNS amplification attacks. Cache poisoning can cause DNS resolutions to be incorrect or misleading, while amplification attacks abuse DNS servers to flood a target with traffic.

TTL (Time To Live) Issues: A too-short or too-long TTL can cause issues with DNS resolution. A too-short TTL may not allow the DNS server to cache the record long enough, driving up query volume, while a too-long TTL may cause the DNS server to cache the record for too long, leading to stale records after a change.
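The TTL trade-off and the cache-related issues above can be watched in a simulation. This is an added example, not from the original article: a toy caching resolver driven by a simulated clock, with constructed zone data and timestamps, showing how long a client keeps seeing the old address after a change, and how a resolver that clamps TTL to a floor serves stale answers long past the TTL.

```python
# Added example, not from the original article: a toy caching resolver with a
# simulated clock. Long TTL: fewer upstream queries but slow cutover after a
# change; short TTL: the reverse; a resolver that enforces a minimum TTL keeps
# serving the old answer long after the real TTL expired. All data is constructed.

class CachingResolver:
    def __init__(self, zone, min_ttl=0):
        self.zone = zone                # name -> (ip, ttl_seconds): the "authority"
        self.min_ttl = min_ttl          # > 0 mimics resolvers that ignore short TTLs
        self.cache = {}                 # name -> (ip, expires_at)
        self.upstream_queries = 0

    def lookup(self, name, now):
        ip, expires = self.cache.get(name, (None, 0))
        if ip is not None and now < expires:
            return ip, "cache"          # reused even if the authority has changed
        ip, ttl = self.zone[name]
        self.upstream_queries += 1
        self.cache[name] = (ip, now + max(ttl, self.min_ttl))
        return ip, "authoritative"

def migration_timeline(ttl, min_ttl=0, change_at=100):
    """Move www.example.com to a new address at t=change_at and record what a
    client behind one caching resolver sees at a few later instants."""
    zone = {"www.example.com": ("192.0.2.10", ttl)}
    resolver = CachingResolver(zone, min_ttl)
    seen = []
    for t in (0, 100, 200, 400, 1000):
        if t >= change_at:
            zone["www.example.com"] = ("192.0.2.99", ttl)
        ip, source = resolver.lookup("www.example.com", t)
        seen.append((t, ip, source))
    return seen, resolver.upstream_queries

def seconds_until_new_address_seen(ttl, min_ttl=0):
    """Delay after the change until the client first gets the new address (None if never)."""
    seen, _ = migration_timeline(ttl, min_ttl)
    hits = [t for t, ip, _ in seen if ip == "192.0.2.99"]
    return hits[0] - 100 if hits else None
```

Compare `migration_timeline(300)` with `migration_timeline(60)` and `migration_timeline(300, min_ttl=3600)` to see the three cases from the text side by side.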

Hopefully this article has provided you with an overview of DNS. Happy interneting!