DNS Records

DNS records (aka zone files) are instructions that live in authoritative DNS servers and provide information about a domain, including what IP address is associated with that domain and how to handle requests for that domain.

These records consist of a series of text files written in what is known as DNS syntax. DNS syntax is just a string of characters used as commands that tell the DNS server what to do. All DNS records also have a TTL, which stands for Time To Live and indicates how often a DNS server will refresh that record.

Most common types of DNS records

  • A record

    • the record that holds the IP address of a domain

  • AAAA record

    • the record that contains the IPv6 address for a domain, as opposed to A records, which list the IPv4 address

  • CNAME record

    • forwards one domain or subdomain to another domain, does NOT provide an IP address

  • MX record

    • directs mail to an email server

  • TXT record

    • lets an admin store text notes in the record; these records are often used for email security

  • NS record

    • stores the name server for a DNS entry

  • SOA record

    • stores admin information about a domain

  • SRV record

    • specifies a port for specific services

  • PTR record

    • provides a domain name in reverse-lookups

Less commonly used DNS records

  • AFSDB record - used for clients of the Andrew File System developed by Carnegie Mellon. This record functions to find other AFS cells.

  • APL record - the 'address prefix list' is an experimental record that specifies lists of address ranges

  • CAA record - this is the 'certification authority authorization' record. It allows domain owners to state which certificate authorities can issue certificates for that domain. If no CAA record exists, then any certificate authority can issue a certificate for that domain. These records are also inherited by subdomains.

  • DNSKEY record - it contains a public key used to verify DNSSEC signatures.

  • CDNSKEY record - this is a child copy of a DNSSEC record, meant to be transferred to a parent.

  • CERT record - the 'certificate record' stores public key certificates.

  • DHCID record - the DHCP identifier stores info about the Dynamic Host Configuration Protocol, a standardized network protocol used on IP networks.

  • DNAME record - the delegation name record creates a domain alias, just like CNAME, but this alias will redirect all subdomains as well. For instance if the owner of 'example.com' bought the domain 'website.net' and gave it a DNAME record that points to 'example.com', then that pointer would also extend to 'blog.website.net' and any other subdomains.

  • HIP record - this record uses the Host Identity Protocol, a way to separate the roles of an IP address. This record is used most often in mobile computing.

  • IPSECKEY record - this record works with Internet Protocol Security (IPsec), an end-to-end security protocol framework and part of the IP suite.

  • LOC record - the location record contains geographical information for a domain in the form of longitude and latitude coordinates

  • NAPTR record - the name authority pointer record can be combined with an SRV record to dynamically create URIs to point to, based on a regular expression.

  • RRSIG record - the resource record signature is a record that stores digital signatures used to authenticate records in accordance with DNSSEC.

  • RP record - this is the responsible person record and it stores the email address of the person responsible for that domain

  • SSHFP record - this record stores the SSH public key fingerprints.
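
The CAA behaviour described in the list above (inheritance by subdomains, and no restriction when no record exists) can be checked with the following sketch. It is an added example, not part of the original notes, and it goes slightly beyond the text by also handling wildcard names and the critical flag as specified in RFC 8659. The zone data, domain names and CA identifiers are constructed, and CNAME following is left out.

```python
# Added example. Zone data is constructed; every name and CA identifier is illustrative.
SAMPLE_CAA = {  # owner name -> list of (flags, tag, value) CAA records
    "example.com": [(0, "issue", "ca.example.net")],
    "internal.example.com": [(0, "issue", ";")],            # ";" authorizes no CA
    "shop.example.com": [(0, "issue", "otherca.example.org; account=1"),
                         (0, "issuewild", ";")],
    "status.example.com": [(0, "iodef", "mailto:security@example.com")],
}
KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CRITICAL = 0x80  # "issuer critical" flag bit


def relevant_caa(name, zone):
    """Climb from name toward the root and return the first CAA set found."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        owner = ".".join(labels[i:])
        if zone.get(owner):
            return owner, zone[owner]
    return None, []


def may_issue(ca, name, zone):
    """True if the CA identified by `ca` may issue for `name` under CAA."""
    wildcard = name.startswith("*.")
    _, records = relevant_caa(name[2:] if wildcard else name, zone)
    # An unrecognized tag marked critical blocks issuance outright.
    if any(f & CRITICAL and t.lower() not in KNOWN_TAGS for f, t, _ in records):
        return False
    tag = "issue"
    if wildcard and any(t.lower() == "issuewild" for _, t, _ in records):
        tag = "issuewild"  # issuewild, when present, replaces issue for wildcards
    values = [v for _, t, v in records if t.lower() == tag]
    if not values:
        return True  # no CAA at all, or nothing restricting issuance (e.g. only iodef)
    # The issuer domain is the part before any ";"-separated parameters.
    allowed = {v.split(";")[0].strip().lower() for v in values} - {""}
    return ca.lower() in allowed
```

Note the `status.example.com` case: a subdomain that publishes only an `iodef` record stops the climb and ends up unrestricted, even though its parent limits issuance to one CA.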
