Common DNS record types explained

Keet Malin Sugathadasa
Aug 26, 2023

The Domain Name System (DNS) is a global system responsible for translating human-readable hostnames into their corresponding IP (Internet Protocol) addresses. DNS records, on the other hand, are entries that explain how to resolve each hostname. The DNS resolver uses these DNS records to translate the hostname into the relevant IP addresses.

In this article, let's take a look at the most common DNS record types and understand when they are used.

What is a DNS record?

DNS records (the entries stored in zone files) are simple instructions on how a hostname should be mapped to an IP address. These records live on DNS servers. Each record contains at least the following attributes.

  • name: this will be the hostname (e.g: example.com)
  • value: the IP address or another value based on the record type (e.g. 10.20.30.40)
  • type: this is the record type (e.g. A record)
  • TTL: Time To Live, indicates how long a DNS server may cache the record before refreshing it (e.g. 60 seconds)

Common DNS Record Types

Let’s take a quick look at the following most common DNS record types. This list also covers all the AWS Route53 record types.

  1. A records
  2. AAAA records
  3. CNAME records
  4. NS records
  5. MX records
  6. TXT records
  7. CERT records
  8. PTR records
  9. SRV records
  10. CAA records

A Records (Address Records)

This is the most common and most important DNS record type. An A record shows the IPv4 address for a specific hostname or domain. These records reside on the authoritative DNS servers.

  • Type: A
  • Domain Name: example.com
  • IP Address: 10.24.34.44
  • TTL: 1 hour

AAAA Records

Same as A records, but these records point to an IPv6 address for a specific hostname or domain.

  • Type: AAAA
  • Domain Name: example.com
  • IP Address: 2001:db8:3333:4444:5555:6666:7777:8888
  • TTL: 1 hour

CNAME Records (Canonical NAME Records)

These records point a domain name or hostname (aka alias) to another domain name or hostname (aka canonical name). They do not point to an IP address. It is important to note that you can add only one CNAME record per hostname.

This can prove convenient when running multiple services (like an FTP server and a web server, each running on different ports) from a single IP address.

CNAME records usually contain subdomains that point to a domain’s A or AAAA record. This prevents having to create an extra A or AAAA record for each subdomain.

It is not recommended to have CNAME records pointing to other CNAME records, as this creates unnecessary steps in the DNS lookup process.

  • Type: CNAME
  • Domain Name (alias): ftp.example.com
  • Domain Name (canonical name): example.com
  • TTL: 1 hour

NS Records (Name Server Records)

These records specify an authoritative DNS server for a domain or a hostname. NS records help browsers find the right DNS server to ask for the IP address of a domain name. When a browser is resolving a DNS record, it usually asks multiple name servers until it locates the correct authoritative DNS server to fetch the IP address from. Basically, an NS record specifies that a DNS zone, such as “example.com”, is delegated to a specific authoritative name server, and provides the address of the name server.

  • Type: NS
  • Domain Name: example.com
  • Name Server: ns1.example.com
  • TTL: 1 hour

MX Records (Mail Exchange Records)

These records show where emails for a domain should be routed. This allows traffic following the SMTP protocol to be routed to the relevant mail servers (mail exchange).

Since mail servers also have backup mail servers, you are allowed to have multiple MX records for the same domain. The Priority attribute decides how traffic is routed between the primary and backup mail servers. For example, the MX record with priority 10 will be the primary mail server, while the secondary server will only be used when the primary server is unavailable (or fails to send emails).

An MX record can only point to the name of an email server. This means that each referenced email server must also have a valid A record specifying its IP address.

  • Type: MX
  • Domain Name: example-mail.com
  • Mail Server: mail.example.com
  • Priority: 10
  • TTL: 1 hour
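
The CNAME rules above (one CNAME per hostname, no CNAME pointing to another CNAME) and the MX rule (every mail server name needs an address record) can be checked mechanically. The following lint is an added example, not code from the article; the zone data, the finding names and the choice to accept AAAA as well as A for mail servers are assumptions.

```python
# Constructed sample zone (not from the article): (name, type, value) tuples.
ZONE = [
    ("example.com", "A", "10.24.34.44"),
    ("ftp.example.com", "CNAME", "example.com"),
    ("www.example.com", "CNAME", "ftp.example.com"),    # CNAME -> CNAME chain
    ("ftp.example.com", "CNAME", "files.example.com"),  # second CNAME, same name
    ("a.example.com", "CNAME", "b.example.com"),
    ("b.example.com", "CNAME", "a.example.com"),        # loop
    ("example.com", "MX", "mail.example.com"),
    ("mail.example.com", "A", "10.24.34.45"),
    ("example.com", "MX", "backup.example.com"),        # no address record
]

def lint_zone(zone):
    """Return a list of (finding, name) pairs for the rules described above."""
    cnames, addresses, findings = {}, set(), []
    for name, rtype, value in zone:
        if rtype == "CNAME":
            if name in cnames:
                findings.append(("multiple-cname", name))
            else:
                cnames[name] = value
        elif rtype in ("A", "AAAA"):  # assumption: AAAA also counts as an address
            addresses.add(name)

    for alias, target in cnames.items():
        seen, hops = {alias}, 1
        while target in cnames:       # the target is itself an alias
            if target in seen:
                findings.append(("cname-loop", alias))
                break
            seen.add(target)
            target = cnames[target]
            hops += 1
        else:                         # chain ended without looping
            if hops > 1:
                findings.append(("cname-chain", alias))

    for name, rtype, value in zone:
        if rtype == "MX" and value not in addresses:
            findings.append(("mx-no-address", value))
    return findings

if __name__ == "__main__":
    for finding in lint_zone(ZONE):
        print(finding)
```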

TXT Records (Text Records)

TXT records allow administrators to add limited human- and machine-readable notes. They can be used for things such as email validation, site and ownership verification, framework policies, etc., and don’t require specific formatting.

The TXT record allows you to add and store text-based information about a domain name. There are all kinds of TXT records and some of them people can easily understand, and others are specifically for machines to read.

  • Type: TXT
  • Domain Name: example.com
  • Value: verification=some-server.com (any text you want)
  • Priority: 10

CERT Records (Certificate Records)

CERT records provide a space for storing certificates and related certificate revocation lists (CRL). The certificates can verify the authenticity of sending and receiving parties, while CRLs identify unauthorized parties.

  • Type: CERT
  • Domain Name: example.com (domain name which is being certified)
  • Value: (Base 64 encoded string of the certificate)
  • Cert Type: PGP (defines the type of certificate/CRL used, e.g. PKIX, SPKI, etc.)
  • Algorithm: RSA (algorithm used to produce the certificate/CRL)

PTR Records (Pointer Records)

This provides a domain name for reverse lookup. It’s the opposite of an A record as it provides the domain name linked to an IP address instead of the IP address for a domain.

  • Type: PTR
  • IP Address: 10.22.11.40
  • Value: example.com
  • TTL: 1 hour
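
In the zone itself, a PTR record is stored under the reversed IP address in the in-addr.arpa (IPv4) or ip6.arpa (IPv6) tree, and a PTR answer is only trustworthy once the returned name resolves back to the same IP address. The sketch below is an added example, not code from the article; the record tables and the function names are constructed for illustration.

```python
import ipaddress

# Constructed records (not from the article).
PTR = {
    "40.11.22.10.in-addr.arpa": "example.com",
    "41.11.22.10.in-addr.arpa": "claimed.example.com",
}
ADDR = {  # forward A/AAAA data: hostname -> addresses
    "example.com": ["10.22.11.40"],
    "claimed.example.com": ["10.99.99.99"],
}

def ptr_name(ip):
    """Owner name of the PTR record for an IPv4 or IPv6 address."""
    return ipaddress.ip_address(ip).reverse_pointer

def forward_confirmed(ip, ptr=PTR, addr=ADDR):
    """Return (hostname, confirmed): confirmed is True only when the PTR
    hostname has a forward record containing the original address."""
    address = ipaddress.ip_address(ip)
    host = ptr.get(address.reverse_pointer)
    if host is None:
        return None, False
    forward = {ipaddress.ip_address(a) for a in addr.get(host, [])}
    return host, address in forward

if __name__ == "__main__":
    for ip in ("10.22.11.40", "10.22.11.41", "10.22.11.42"):
        print(ip, ptr_name(ip), forward_confirmed(ip))
```

Whoever controls the reverse zone for an address range decides what its PTR records say, so log enrichment and allow-lists should rely only on names whose forward lookup confirms them.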

SRV Records (Service Records)

With this, it is possible to store the IP address and port for specific services. It allows services such as instant messaging or VoIP to be directed to a separate host and port location.

  • Type: SRV
  • Service: name of the service (e.g. xmpp-server)
  • Value: example.com. (the canonical hostname of the machine providing the service, ending in a dot.)
  • Protocol: TCP or UDP
  • TTL: 1 hour
  • Port: 3333 (The TCP or UDP port the service is running on)
  • Priority: 23 (The priority of the target host, lower value means more preferred among same service records)
  • Weight: 12 (A relative weight for records with the same priority, higher value means more preferred.)

CAA Records (Certification Authority Authorization Records)

This allows domain owners to state which certificate authorities can issue certificates for that domain. If no CAA record exists, then any certificate authority can issue a certificate for the domain. CAA records can set policy for the entire domain, or for specific hostnames.

They are also inherited by subdomains, therefore a CAA record set on domain.com will also apply to any subdomain, such as subdomain.domain.com (unless overridden).

  • Type: CAA
  • Domain: example.com (Domain name/Subdomain)
  • Flag: 0/182 (0 means non-critical, 182 means critical)
  • Type: issue/issuewild/iodef
  • Value: caa.example.com (The value given from the preferred CA)
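
The inheritance rule above means a CAA lookup climbs from the requested hostname toward the parent domain and stops at the first name that has CAA records. The check below is an added example, not code from the article; the CA names and records are constructed, the flag field is carried but not evaluated, and the issuewild handling follows RFC 8659, which goes beyond what the article describes.

```python
# Constructed CAA data (not from the article): name -> [(flag, tag, value)].
CAA = {
    "example.com": [
        (0, "issue", "ca-one.example"),
        (0, "issuewild", ";"),                      # ";" = no CA may issue
        (0, "iodef", "mailto:security@example.com"),
    ],
    "shop.example.com": [
        (0, "issue", "ca-two.example; account=1234"),  # overrides the parent
    ],
}

def relevant_caa(hostname, caa=CAA):
    """Climb toward the root; the closest name with CAA records wins."""
    labels = hostname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        name = ".".join(labels[i:])
        if caa.get(name):
            return name, caa[name]
    return None, []

def may_issue(ca, hostname, caa=CAA, wildcard=False):
    """True if `ca` may issue for hostname (for *.example.com, pass
    hostname="example.com" with wildcard=True)."""
    _, rrset = relevant_caa(hostname, caa)
    issue = [v for _, tag, v in rrset if tag == "issue"]
    wild = [v for _, tag, v in rrset if tag == "issuewild"]
    # issuewild, when present, replaces issue for wildcard requests.
    props = wild if (wildcard and wild) else issue
    if not props:
        return True  # no CAA records, or none that restrict issuance
    # Drop parameters after ";" and compare the CA's domain name only.
    allowed = {v.split(";", 1)[0].strip().lower() for v in props}
    return ca.lower() in allowed

if __name__ == "__main__":
    print(relevant_caa("www.example.com")[0])
    print(may_issue("ca-one.example", "www.example.com"))
    print(may_issue("ca-one.example", "cart.shop.example.com"))
```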
