
Introduction to the Domain Name System (DNS)

Published: Wednesday, July 29th, 2009 by Sam Kleinman

DNS, or the Domain Name System, is the method that the Internet uses to attach human-usable domain names to the machine-usable IP addresses that we almost never see. This document provides a primer for DNS, introduces common concepts, and provides instructions for common DNS configurations.

Anatomy of a Domain Name

Domain names have a particular structure that you have undoubtedly seen before, but may not have had the opportunity to understand completely.

We read domain names as a series of terms with the most specific terms on the left and least specific terms on the right. As a result, we tend to read domains "backwards." Here is an example domain:

mail.trunkles.bleddington.org

The top-level domain, or "TLD," in this case .org, is the least specific part of the domain name. There are many domains under the org top-level domain, and anyone can register an unclaimed domain below .org.

Every term separated by a dot (period/full stop) is considered a subdomain of decreasing specificity, though conventionally the first-level domains are referred to simply as "domains." In the example above, "bleddington" is the first-level domain.

Moving to the left, "trunkles" and "mail" are the second and third level subdomains, respectively. Typically subdomains are used to uniquely identify specific machines or services, though the use of subdomains of any level is typically decided by the owner of the less specific domain.

Basic Architecture of DNS

The DNS system is reasonably complex and is, for the most part, beyond the scope of this introduction. DNS is a distributed system that allows users of the Internet to connect to "resources" (servers) without specifying the IP addresses of the machines in question. A system of "nameservers" publishes information regarding DNS records and their associated IP addresses. Then a system of caching DNS servers (or resolvers) collects and stores this DNS information and provides it whenever requests are made.

Hosting DNS Records

While you can host the authoritative DNS servers for any domain you own, a common practice is to use the authoritative DNS services provided by domain name registrars or a hosting provider. Similarly, any connected machine can run a caching server of its own or connect to any resolver you choose; however, in most instances people use the DNS resolvers provided as part of their Internet connectivity.

The most important features of this that we should remember as we explore the different kinds of records are:

  • When we delegate authoritative DNS to a specific server, we're giving that server the "right" to publish records regarding that domain.
  • There is sometimes a lag after adding a new record to the authoritative DNS record for your domain. This is caused by the delay between publication of a record on an authoritative server and the propagation of this record to the caching/resolving servers. The length of this lag varies: sometimes DNS can be fully propagated in a matter of minutes, but more frequently it can take much longer before old DNS records are purged from the system.

Controlling "Time To Live" or TTL

Every DNS record has a "TTL" or "time to live" setting, which controls how long a record can exist in the DNS system before it is invalidated. Practically, TTL controls how long DNS records are cached by DNS resolvers before the resolver must query the authoritative name servers for new records. TTL is specified in number of seconds.

If you change a DNS record, resolvers that have already requested the record will continue to return the original record until the TTL expires. For this reason, always shorten the record's TTL before making a change to DNS records, and wait for the old TTL to expire before expecting DNS records to be fully propagated.
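To make the TTL behaviour concrete, here is a small simulation, added here as an example and not part of the original guide, of one authoritative server and one caching resolver. It measures how long a resolver keeps serving an old address after a change, once with the change made directly under a day-long TTL and once following the procedure above (shorten the TTL, wait for the old TTL to expire, then change the record). The hostname and the 203.0.113.x addresses are constructed for the example.

```python
"""Simulated caching resolver that honours TTL.

Added example, not from the guide: it models one authoritative server and one
caching resolver so the effect of lowering a TTL before a change can be measured.
The hostname and the 203.0.113.x addresses are constructed (documentation range).
"""
from dataclasses import dataclass


@dataclass
class CachedAnswer:
    value: str
    expires_at: int  # absolute time (seconds) after which the answer is stale


class AuthoritativeServer:
    """Publishes records as the operator edits them; TTL is in seconds."""

    def __init__(self):
        self.records = {}  # name -> (value, ttl)

    def publish(self, name, value, ttl):
        self.records[name] = (value, ttl)

    def query(self, name):
        return self.records[name]


class CachingResolver:
    """Serves cached answers until their TTL expires, then re-queries upstream."""

    def __init__(self, upstream):
        self.upstream = upstream
        self.cache = {}
        self.upstream_queries = 0

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit is not None and now < hit.expires_at:
            return hit.value  # still fresh: the authoritative server is not consulted
        value, ttl = self.upstream.query(name)
        self.upstream_queries += 1
        self.cache[name] = CachedAnswer(value, now + ttl)
        return value


def stale_seconds_after_change(lower_ttl_first):
    """Move www.bleddington.org to a new address and return how many seconds the
    resolver kept answering with the old address after the change was published."""
    auth = AuthoritativeServer()
    resolver = CachingResolver(auth)
    name = "www.bleddington.org"
    old_ip, new_ip = "203.0.113.10", "203.0.113.20"

    auth.publish(name, old_ip, ttl=86400)   # a day-long TTL, common for stable records
    resolver.resolve(name, now=0)           # resolver caches old_ip until t=86400

    if lower_ttl_first:
        auth.publish(name, old_ip, ttl=300)  # step 1: shorten the TTL, keep the address
        resolver.resolve(name, now=86400)    # step 2: wait for the old TTL to expire;
        change_at = 86500                    #   the refetched answer now lives only 300 s
    else:
        change_at = 3600                     # change immediately, under the long TTL

    auth.publish(name, new_ip, ttl=300)      # the actual move
    t = change_at
    while resolver.resolve(name, now=t) != new_ip:
        t += 100                             # probe every 100 s until the new answer appears
    return t - change_at


if __name__ == "__main__":
    print("change under a 1-day TTL: stale for", stale_seconds_after_change(False), "s")
    print("after lowering TTL to 300 s: stale for", stale_seconds_after_change(True), "s")
```

The first scenario serves the old address for the remainder of the original 86400-second TTL; the second is stale for at most the 300 seconds of the shortened TTL. Note that lowering the TTL only takes effect for a resolver once its existing cached copy has expired, which is why the waiting step cannot be skipped.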

Types of DNS Records

There are a number of different DNS records that you have probably heard about, and that you may need to create or modify to meet your own needs. This section provides a brief overview of what kind of information each record provides, and in what instances a client may request and use this information when fulfilling a request.

NS Records

NS records point a domain or any subdomain at an authoritative DNS nameserver. The nameserver will then publish authoritative records for that domain or subdomain.

For instance, you might tell your domain registrar to delegate authoritative DNS to Linode's name servers (ns1.linode.com, ns2.linode.com, ns3.linode.com, ns4.linode.com, ns5.linode.com). You would then create and manage your DNS records using the DNS Manager in the Linode Manager.

You may then realize that you need to delegate control of the DNS for a single subdomain of your domain to an alternate DNS service. You would then create NS records that point that subdomain at the alternate name servers.

For a more clear example, we'll register bleddington.com with the fictitious registrar "morris-NIC" and use their service to create NS records for bleddington.com that point to Linode's DNS servers.

Then, if you wanted to manage the trunkles.bleddington.com website on an alternate service, you would create records that delegated the DNS for the "trunkles" subdomain to another set of DNS servers.

MX Records

MX records, or "Mail Exchange" records, provide information regarding mail servers for routing SMTP traffic to the appropriate mail servers. MX records must point at a name (a domain) that is resolvable by DNS (an A record on the authoritative server for that domain).

You can delegate MX records for any domain that you control to any mail server running on any domain, as long as that domain is publicly resolvable. Often, MX records for a domain are created to point to the mail.example.com record, but if you host more than one domain you may wish to simplify your setup by only hosting a mail server on one domain/one machine. Alternately, you may wish to delegate mail for your domain to some third party email service provider.

Remember, MX records identify the hostnames to which mail will be routed. Furthermore, MX records must point to resolvable hostnames, that is, names which have DNS records pointing to an IP address (whether on your servers or on another server).

A/AAAA Records

"A records" point domains and subdomains controlled by the name server to an IP address. These are the "core" records of the DNS system that allow it to perform its central task of mapping names to IP addresses.

You can (and probably will) create an A record for your domain that points the first-level domain that you control (e.g. bleddington.com) to the IP for your Linode. You will also likely want to set up A records for each subdomain that point that subdomain (or host name, e.g. trunkles in trunkles.bleddington.com) to the appropriate IP address.

You can point multiple subdomains (and sub-subdomains, e.g. figures.trunkles in the figures.trunkles.bleddington.com name) at a single IP address, as well as pointing the subdomains of one domain at multiple IP addresses.

A records and AAAA records serve the same purpose; however, A records point to IPv4 addresses, while AAAA records point to IPv6 addresses.

TXT Records

TXT records provide human and machine readable values in the DNS record to support functionality like the Sender Policy Framework (SPF), which is a method for verifying the authenticity of an email sender. TXT records are often very specialized, and there are only a handful of general use purposes for TXT records.

SRV Records

SRV records, or service records, are among the newest kind of DNS record, providing information about specific services that run on your domain. They contain information regarding not only service name, but TCP port number as well. A common use of SRV records is for facilitating the federation of Jabber/XMPP servers between domains.

CNAME Records

CNAME records provide domain aliasing, which allows you to point one domain at another. CNAME records are useful for redirecting traffic from one domain to another, but cannot be used if the name being directed to is itself a CNAME. MX records cannot reference CNAME-defined hostnames.

Common DNS Configurations

Configuring Subdomains

To configure a subdomain, create an A record with the hostname of the subdomain that you want to create (e.g. trunkles in the case of trunkles.bleddington.com) that points to the IP address of the machine that you want to host that subdomain.

Hosting Multiple Domains on One Machine

To host multiple domains on one machine, simply point A records for those domains to the IP address for that machine. Multiple domains can (and frequently do, as in name-based HTTP hosting) point to the same IP address.

Using one Domain on Multiple Machines

If you have more than one machine but only one domain, simply create A records with machine-specific hostnames that point to the IP address of each machine that needs a domain name. One machine will be the "front end" for this domain, by virtue of the first-level domain's A record pointing to it, but if needed it can serve as a proxy for services provided by the other machines. Alternately, your machines could exist in a flat layout.

Routing Email to Third-Party Mail Services

To route email to a third party email service, create MX records that associate your mail server (e.g. mail.trunkles.org) with a hostname provided by the third party service. This hostname is not an email address, and must refer to a routable IP address.
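The record types described above and the configurations in this section fit together in a single zone, and several of the rules the guide states (an MX must point at a name with an address record, never at a CNAME; a CNAME cannot share its name with other records) are easy to get wrong by hand. The following is an added example, not from the guide or from Linode's DNS Manager: a minimal zone-file parser plus a checker for those linking rules, run over a constructed zone for bleddington.org that delegates the "trunkles" subdomain, routes mail, publishes an SPF TXT record and an XMPP SRV record, and ends with three deliberate mistakes. The addresses come from documentation ranges; ns1.example.net is a placeholder for an alternate DNS service.

```python
"""Minimal zone-file parser plus checks for the record-linking rules in the guide.

Added example, not from the guide or from Linode's DNS Manager. The zone text is
constructed; bleddington.org is the guide's example name and the addresses come
from documentation ranges. The parser handles only the simple syntax used here
(one record per line, no parentheses, no ';' inside quoted strings).
"""
from collections import defaultdict, namedtuple

Record = namedtuple("Record", "name ttl rtype rdata")

# Types whose last rdata field is a hostname that must be qualified against $ORIGIN.
TARGET_TYPES = {"NS", "CNAME", "MX", "SRV"}

ZONE = """\
$ORIGIN bleddington.org.
$TTL 3600
@                  IN  NS    ns1.linode.com.
@                  IN  NS    ns2.linode.com.
@                  IN  A     203.0.113.10
@                  IN  AAAA  2001:db8::10
@                  IN  MX 10 mail
@                  IN  TXT   "v=spf1 mx -all"
mail               IN  A     203.0.113.11
www                IN  CNAME @
xmpp               IN  A     203.0.113.12
_xmpp-server._tcp  IN  SRV   5 0 5269 xmpp
trunkles           IN  NS    ns1.example.net.   ; subdomain delegated elsewhere
; the three records below are deliberate mistakes for the checker to report
www                IN  TXT   "alias with extra data"
shop               IN  MX 10 www
blog               IN  MX 10 nowhere
"""


def qualify(name, origin):
    """Turn '@', relative and absolute names into a lowercase FQDN without the trailing dot."""
    if name == "@":
        return origin
    name = name.lower()
    return name[:-1] if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    origin, default_ttl, records = None, None, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # strip comments and blank lines
        if not line:
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1].rstrip(".").lower()
            continue
        if fields[0] == "$TTL":
            default_ttl = int(fields[1])
            continue
        owner, rest = fields[0], fields[1:]
        ttl = default_ttl
        if rest[0].isdigit():             # optional per-record TTL
            ttl = int(rest.pop(0))
        if rest[0].upper() == "IN":       # optional class
            rest.pop(0)
        rtype, rdata = rest[0].upper(), rest[1:]
        if rtype in TARGET_TYPES:
            rdata[-1] = qualify(rdata[-1], origin)
        records.append(Record(qualify(owner, origin), ttl, rtype, tuple(rdata)))
    return origin, records


def check_zone(origin, records):
    """Report records that break the linking rules: a CNAME must stand alone at its
    name (RFC 1034), and an in-zone MX or SRV target must be a plain name with an
    A/AAAA record, never a CNAME. Targets outside the zone are skipped because
    their resolvability cannot be checked offline."""
    by_name = defaultdict(list)
    for r in records:
        by_name[r.name].append(r)
    problems = []
    for name, rs in by_name.items():
        if any(r.rtype == "CNAME" for r in rs) and len(rs) > 1:
            problems.append(f"{name}: CNAME must be the only record at this name")
    for r in records:
        if r.rtype not in {"MX", "SRV"}:
            continue
        target = r.rdata[-1]
        if target != origin and not target.endswith("." + origin):
            continue
        target_types = {t.rtype for t in by_name.get(target, [])}
        if "CNAME" in target_types:
            problems.append(f"{r.name}: {r.rtype} target {target} is a CNAME")
        elif not target_types & {"A", "AAAA"}:
            problems.append(f"{r.name}: {r.rtype} target {target} has no A/AAAA record")
    return problems


if __name__ == "__main__":
    origin, records = parse_zone(ZONE)
    for problem in check_zone(origin, records):
        print(problem)
```

Running the block reports the extra TXT record beside the www CNAME, the shop MX that points at that CNAME, and the blog MX whose target has no address record; the first eleven records pass cleanly. The checker deliberately ignores targets outside the zone (such as a third-party mail provider's hostname) because whether those resolve can only be determined by querying DNS, not from the zone text.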

More Information

You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

Creative Commons License

This guide is licensed under a Creative Commons Attribution-NoDerivs 3.0 United States License.

Last edited by Phil Paradis on Tuesday, May 17th, 2011 (r2018).