This blog post came after a quick chat with a friend about DNS. I usually participate in meetups and blog about anything I come across. I decided to blog about DNS records for my own reference. DNS records are the entries a DNS server holds for a zone; what the server returns for a query depends on which record type the DNS client asked for. So let's look at the commonly used DNS records:
1. A record
An A record stores the IPv4 address for a hostname.
2. AAAA record
An AAAA (IPv6) record stores the IPv6 address for the full DNS name.
Although an A record can hold all of the IP addresses.
Example: mail as a subdomain pointed to mail.google.com
4. MX record
The Mail Exchange (MX) record identifies the mail server for a DNS name. Simple, right? For example, if testemail.google.com has an MX record pointing to an email server, that server accepts email for that name. MX records carry a preference value: the lower the value, the higher the priority, so the server with the lowest value is tried first.
5. SRV record
A Service record (SRV) gives the location of a specific service on the network. Active Directory, for example, uses SRV records so that clients can locate services such as domain controllers (LDAP) on the network. An SRV record simply contains data about the service, in four pieces of information:
- Target – hostname offering the service
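As an added example (not code from the original post), the block below shows how a client consumes the MX and SRV records described above: MX hosts are ordered by preference (lowest first), and SRV targets are chosen by priority and then by weight as RFC 2782 specifies. The record lines use a constructed zone (`example.test`, `dc1`, `mail` and friends are made up) and nothing is resolved over the network. The `SRV` class lists all four RFC 2782 fields (priority, weight, port, target); the post only names the target.

```python
"""MX preference ordering and SRV priority/weight selection over constructed records."""
import random
from dataclasses import dataclass

# Constructed records in zone-file presentation format: owner, type, rdata fields.
ZONE_LINES = [
    "example.test.             MX  20 backup-mail.example.test.",
    "example.test.             MX  10 mail.example.test.",
    "example.test.             MX  10 mail2.example.test.",
    "_ldap._tcp.example.test.  SRV 0  60 389 dc1.example.test.",
    "_ldap._tcp.example.test.  SRV 0  40 389 dc2.example.test.",
    "_ldap._tcp.example.test.  SRV 10 0  389 dc-site2.example.test.",
]


@dataclass(frozen=True)
class MX:
    preference: int  # lower value is tried first
    exchange: str


@dataclass(frozen=True)
class SRV:
    # The four RFC 2782 fields; the post lists only the last one.
    priority: int  # lower value is tried first
    weight: int    # share of traffic among targets of equal priority
    port: int      # port the service listens on
    target: str    # hostname offering the service


def parse_zone(lines):
    """Group MX and SRV lines by (owner, type); other types are ignored."""
    records = {}
    for line in lines:
        owner, rtype, *rdata = line.split()
        if rtype == "MX":
            rec = MX(int(rdata[0]), rdata[1])
        elif rtype == "SRV":
            rec = SRV(int(rdata[0]), int(rdata[1]), int(rdata[2]), rdata[3])
        else:
            continue
        records.setdefault((owner, rtype), []).append(rec)
    return records


ZONE = parse_zone(ZONE_LINES)


def mx_delivery_order(mx_records):
    """Exchanges in the order a sending MTA tries them: lowest preference first.
    Ties keep their input order here; a real MTA randomises among equals."""
    return [r.exchange for r in sorted(mx_records, key=lambda r: r.preference)]


def srv_select(srv_records, rng=random):
    """RFC 2782 client selection: walk priorities from lowest upward and, within
    one priority, pick targets with probability proportional to their weight.
    Returns an ordered list of (target, port)."""
    by_priority = {}
    for r in srv_records:
        by_priority.setdefault(r.priority, []).append(r)
    order = []
    for prio in sorted(by_priority):
        # Weight-0 entries go first so they keep a very small chance of selection.
        pool = sorted(by_priority[prio], key=lambda r: r.weight != 0)
        while pool:
            total = sum(r.weight for r in pool)
            pick = rng.randint(0, total)  # inclusive on both ends
            running = 0
            for r in pool:
                running += r.weight
                if running >= pick:
                    order.append((r.target, r.port))
                    pool.remove(r)
                    break
    return order


if __name__ == "__main__":
    print(mx_delivery_order(ZONE[("example.test.", "MX")]))
    print(srv_select(ZONE[("_ldap._tcp.example.test.", "SRV")]))
```

Run it a few times: the two priority-0 domain controllers swap places roughly 60/40, while `dc-site2` (priority 10) is always last, which is exactly the fallback behaviour an AD client expects.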
6. SOA record
The SOA (Start of Authority) record: for each zone created in the DNS there is exactly one SOA record associated with that zone. It names the primary name server for the zone, precisely the server holding the read/write copy of the zone, which is considered the DNS server with the most authority for that zone and the most up-to-date server to answer queries about it. It contains the following:
- One SOA record is created per zone.
- The primary server, which holds the read/write copy of the zone.
- The e-mail address of the administrator, for contact by the public.
- A serial number for the zone. On each change to the zone the serial number is incremented; it is used to keep duplicate copies of the zone data, known as secondary zones, in sync.
- The refresh time for the zone, which the secondaries use to decide how often to check for updates.
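An added example, not from the original post, showing the SOA fields in code and the two decisions they drive on a secondary: whether the primary's serial is newer (RFC 1982 serial arithmetic, so a wrapped 32-bit serial still compares correctly) and how long to wait before the next check. The SOA values, `ns1.example.test` and `hostmaster.example.test` are constructed.

```python
"""SOA record fields and the secondary-zone sync decisions they drive."""
from dataclasses import dataclass

SERIAL_MOD = 2 ** 32   # the SOA serial is an unsigned 32-bit number
SERIAL_HALF = 2 ** 31


@dataclass(frozen=True)
class SOA:
    mname: str     # primary name server: holds the read/write copy of the zone
    rname: str     # administrator mailbox, with '@' written as the first '.'
    serial: int    # bumped on every change; secondaries compare it before transferring
    refresh: int   # seconds between a secondary's checks for a newer serial
    retry: int     # seconds to wait after a failed check
    expire: int    # seconds after which an unrefreshed secondary stops serving the zone
    minimum: int   # negative-caching TTL (RFC 2308)


# Constructed SOA for the example.test zone.
EXAMPLE_SOA = SOA("ns1.example.test.", "hostmaster.example.test.",
                  2024013101, 3600, 900, 1209600, 300)


def rname_to_email(rname):
    """hostmaster.example.test. -> hostmaster@example.test (plain local parts only)."""
    local, _, domain = rname.rstrip(".").partition(".")
    return f"{local}@{domain}"


def serial_gt(a, b):
    """RFC 1982 serial arithmetic: is a 'newer' than b, allowing 32-bit wraparound?"""
    a %= SERIAL_MOD
    b %= SERIAL_MOD
    return (a < b and b - a > SERIAL_HALF) or (a > b and a - b < SERIAL_HALF)


def next_serial(serial):
    """Increment the serial for a zone change, wrapping at 2^32."""
    return (serial + 1) % SERIAL_MOD


def secondary_should_transfer(local_serial, primary_serial):
    """A secondary requests a zone transfer only when the primary's serial is newer."""
    return serial_gt(primary_serial, local_serial)


def seconds_until_next_check(soa, last_check_failed):
    """Refresh interval after a successful check, retry interval after a failed one."""
    return soa.retry if last_check_failed else soa.refresh


def zone_expired(soa, seconds_since_last_success):
    """Past 'expire' without reaching the primary, the secondary must stop answering."""
    return seconds_since_last_success >= soa.expire


if __name__ == "__main__":
    print(rname_to_email(EXAMPLE_SOA.rname))
    print(secondary_should_transfer(EXAMPLE_SOA.serial, next_serial(EXAMPLE_SOA.serial)))
```

The wraparound case matters in practice: a primary whose serial is accidentally set far too high and then corrected will look "older" to its secondaries, and they will silently stop syncing until the serial is walked forward through the 2^31 boundary.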
7. NS record
The NS (Name Server) record lists the authoritative DNS servers for a zone. It can name a server holding a secondary zone: even though that is a copy, it is still authoritative for the zone. When a query goes directly to a server named in the NS record, it returns current information because it answers from the zone data rather than from a cache.
8. PTR record
The pointer (PTR) record maps an IP address to a name, the opposite of an A or AAAA record: given an IP address, the name associated with it can be looked up. Reverse lookup tools use these records. PTR records are useful when you have an IP address in a log file and want to identify the hostname or device behind it. They are not required to run an AD server or for many day-to-day activities.
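The log-file use case above, as an added example that is not part of the original post. It builds the PTR owner name for each IP found in a few constructed sshd-style log lines (`in-addr.arpa` for IPv4, `ip6.arpa` for IPv6) and then does a forward-confirmed check: whoever controls the reverse zone can put any name in a PTR, so the name is only trusted when its A/AAAA record points back at the same address. The record table, the addresses and the log lines are all constructed; no resolver is queried.

```python
"""PTR owner names from log IPs, with a forward-confirmed reverse DNS check."""
import ipaddress
import re


def reverse_name(ip):
    """Owner name of the PTR record: in-addr.arpa for IPv4, ip6.arpa for IPv6."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


# Constructed records: (owner, type) -> rdata list. 192.0.2.11 has a PTR that claims
# to be the mail host, but no forward record backs that claim.
RECORDS = {
    (reverse_name("192.0.2.10"), "PTR"): ["mail.example.test."],
    (reverse_name("192.0.2.11"), "PTR"): ["mail.example.test."],
    ("mail.example.test.", "A"): ["192.0.2.10"],
    (reverse_name("2001:db8::1"), "PTR"): ["v6host.example.test."],
    ("v6host.example.test.", "AAAA"): ["2001:db8::1"],
}


def lookup(owner, rtype):
    """Stand-in for a DNS query against the constructed table."""
    return RECORDS.get((owner, rtype), [])


def forward_confirmed(ip):
    """Return (ptr_target, confirmed). confirmed is True only when the name from
    the PTR record resolves (A or AAAA) back to the same address."""
    addr = ipaddress.ip_address(ip)
    targets = lookup(reverse_name(ip), "PTR")
    if not targets:
        return None, False
    name = targets[0]
    forward = lookup(name, "AAAA" if addr.version == 6 else "A")
    return name, any(ipaddress.ip_address(x) == addr for x in forward)


# Constructed log lines in an sshd-like format.
LOG_LINES = [
    "2024-01-31T10:00:01Z sshd: Accepted publickey for deploy from 192.0.2.10 port 51234",
    "2024-01-31T10:00:05Z sshd: Failed password for root from 192.0.2.11 port 51299",
    "2024-01-31T10:00:09Z sshd: Accepted publickey for deploy from 2001:db8::1 port 40000",
]
SOURCE_RE = re.compile(r" from (\S+) port ")


def annotate(lines):
    """For each log line with a source address, return (ip, ptr_target, confirmed)."""
    out = []
    for line in lines:
        m = SOURCE_RE.search(line)
        if not m:
            continue
        ip = m.group(1)
        name, ok = forward_confirmed(ip)
        out.append((ip, name, ok))
    return out


if __name__ == "__main__":
    for ip, name, ok in annotate(LOG_LINES):
        print(f"{ip:<16} {name or '(no PTR)':<24} {'confirmed' if ok else 'UNCONFIRMED'}")
```

When enriching logs, keep the confirmed flag next to the name: an unconfirmed PTR is a hint for triage, not evidence of which host was actually on the other end.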
9. CERT record
A certificate record (CERT) stores certificates such as PKIX, SPKI, PGP, etc.
10. TXT record
A TXT record carries machine-readable data such as opportunistic encryption settings and the Sender Policy Framework (SPF), DKIM and DMARC policies, etc. It provides the ability to associate arbitrary text with a host.
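An added example, not from the original post, of what lives inside the TXT records mentioned above: it joins the quoted character-strings of a TXT rdata into one string, parses an SPF policy into its qualified mechanisms and modifiers (RFC 7208) and a DMARC policy into its tags (RFC 7489), and flags the settings a defender cares about, such as `+all`, a missing `all` term, more than ten lookup-causing terms, or `p=none`. The policies shown are constructed for `example.test`; nothing is queried from DNS.

```python
"""Parse SPF and DMARC policies published in TXT records and flag weak settings."""
import re

_CHAR_STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')


def txt_to_string(rdata):
    """Join the quoted character-strings of a TXT record into one string."""
    parts = _CHAR_STRING_RE.findall(rdata)
    if not parts:
        return rdata.strip()
    return "".join(p.replace('\\"', '"') for p in parts)


def parse_spf(txt):
    """Return {'mechanisms': [(qualifier, name, argument)], 'modifiers': {...}},
    or None when the text is not an SPF record."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return None
    mechanisms, modifiers = [], {}
    for term in terms[1:]:
        if "=" in term.split(":", 1)[0]:          # modifier, e.g. redirect=_spf.example.test
            key, value = term.split("=", 1)
            modifiers[key.lower()] = value
            continue
        qualifier = "+"                           # RFC 7208 default qualifier is pass
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        m = re.match(r"([A-Za-z0-9]+)(.*)", term)  # name, then ':arg' or '/cidr'
        name, argument = m.group(1).lower(), m.group(2).lstrip(":")
        mechanisms.append((qualifier, name, argument))
    return {"mechanisms": mechanisms, "modifiers": modifiers}


LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists"}


def spf_findings(policy):
    """Settings a defender wants flagged in a parsed SPF policy."""
    findings = []
    names = [m[1] for m in policy["mechanisms"]]
    for qualifier, name, _ in policy["mechanisms"]:
        if name == "all" and qualifier in ("+", "?"):
            findings.append(f"'{qualifier}all' lets any host pass or be neutral for this domain")
    if "all" not in names and "redirect" not in policy["modifiers"]:
        findings.append("no 'all' term: unmatched senders get a neutral result")
    lookups = sum(1 for n in names if n in LOOKUP_MECHS) + ("redirect" in policy["modifiers"])
    if lookups > 10:
        findings.append(f"{lookups} DNS-querying terms exceed the RFC 7208 limit of 10")
    return findings


def parse_dmarc(txt):
    """Return the DMARC tag dict, or None when 'v=DMARC1' is not the first tag
    or the required 'p' tag is missing."""
    tags = {}
    for item in txt.split(";"):
        if "=" not in item:
            continue
        key, value = item.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    first = txt.split(";", 1)[0].replace(" ", "").lower()
    if first != "v=dmarc1" or "p" not in tags:
        return None
    return tags


def dmarc_findings(tags):
    """Settings a defender wants flagged in a parsed DMARC policy."""
    findings = []
    if tags["p"].lower() == "none":
        findings.append("p=none: receivers only report, spoofed mail is still delivered")
    if "rua" not in tags:
        findings.append("no rua tag: no aggregate reports will be received")
    pct = tags.get("pct")
    if pct is not None and pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy applies to only part of failing mail")
    return findings


if __name__ == "__main__":
    spf = parse_spf(txt_to_string('"v=spf1 " "ip4:192.0.2.0/24 -all"'))
    print(spf, spf_findings(spf))
    dmarc = parse_dmarc("v=DMARC1; p=none; rua=mailto:dmarc@example.test")
    print(dmarc, dmarc_findings(dmarc))
```

The split-string handling is not cosmetic: SPF records longer than 255 bytes are published as several quoted strings, and a parser that reads only the first one will misjudge the policy.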
This blog post is a pretty straightforward look at the commonly used DNS records. There are more than these, such as the DNSSEC record types, NSEC, TKEY, etc. Some have been deprecated and others added by later RFCs.