DNS Records Explained

Hello everyone in this video we're going to  be talking about DNS records. Now if you saw my original DNS video, I talked about how DNS works.  But in this video we're going to talk about the specifics of DNS records that you would find in a  DNS server's database.

So as a refresher, DNS stands for domain name system. And the most basic job of  DNS is to resolve domain names to IP addresses. And the reason it has to do this is because computers don't understand names, they only understand  numbers.

A domain name is just a text that you  type in a web browser when you want to go to a certain website such as example. com, google. com,  yahoo.

com, and so on. So when you type in a domain name such as example. com in a web browser, DNS will resolve that domain name into an IP address so you can retrieve the website.

Now in a DNS hierarchy  there are three main levels of servers. There are the root servers, the top level domain servers,  and the authoritative name servers. But of these three the DNS servers that are responsible for  storing the DNS records for resolving domain names to IP addresses are the authoritative name  servers because they are responsible for knowing everything about the domain name, including  the IP addresses and much more.

But in order for your query to resolve example. com into an IP  address, it needs to know which name server to ask So in order to find the correct name server,  the query must first go through the top of the DNS hierarchy which is the root server. And  once it reaches the root server, the root server will look at example.

com and will forward the  query to the correct top level domain server. The top level domain server is responsible for  information of top level domains, such as . com .

net . org and so on. So in this case the  root server will forward the query to the .

com top level domain server because the top level  domain for example. com is . com.

And then the top level domain server will forward the query to  the specific authoritative name server that's responsible for the example. com domain. And once  the query reaches the name server, example.

com will be resolved to the IP address so the website can  be retrieved. So in a DNS database you have what's called a DNS zone file and this file contains the  DNS records. Now there are numerous DNS records but I'm only going to talk about the most common  ones.

Hey guys I just want to break in this video and tell you about my partnership with Aura. Now anyone can find anything on the internet including your full legal name, your personal  email, home address, phone number, and even your relatives. Now this information is accessible  because of data brokers who profit by selling your information to robocallers, telemarketers,  spammers, and anyone else that wants to learn more about you.

So that's why I want to tell you  about my partnership with Aura. Aura we'll identify brokers that are exposing your information and  automatically submit opt-out requests on your behalf. The first time I used Aura I was surprised  to see that over 20 data brokers had information about me and Aura quickly went to work to remove  that information.

Aura also has an app that features an antivirus, password manager, and real-time credit  and identity theft monitoring that will alert you if there's a credit inquiry in your name. And I  know a lot of my viewers are going to like this but the app even has a super fast built-in VPN so  you can surf the Internet safely and anonymously In fact the VPN is so fast that there's hardly any  difference when I did a speed test on my computer and you can see the speed test results here with  and without using Aura's VPN. So Aura has almost every internet safety tool you'll ever need, all  inside one app.

And if you sign up right now they will give you a two-week free trial and you'll  be shocked of how much your private information Aura finds exposed over those two weeks. So just go  to aura. com/powercert which will be in the link in the description below or you can  scan the QR code on the screen to try two weeks for free and see for yourself how many data  brokers are sharing your personal information.

So the first DNS record is the A record or address  record. And this is the most common DNS record This is what resolves a domain name to an IP address. To be specific it resolves to an IPv4 address which is a 32-bit numeric address.

So in the example  we just did earlier, when you type in a domain name such as example. com in a web browser, the  A record is what DNS uses to resolve a domain name to an IP address. And then we also have  the TTL or time to live, this field tells us how long each record is valid until the next  update.

And then there's also the quad A record And this record is just like the A record. So  both A and quad A records resolve domain names to IP addresses, but the difference is, is that  quad A records resolve domain names to IPv6 addresses. An IPv6 address is 128-bit alphanumeric  address that's replacing the older IPv4 addresses The next DNS record is called CNAME or canonical  name.

And what this does is that it resolves a domain or subdomain to another domain name. So  basically it's an alias for another domain name So as an example, computers read domain names from right to left and domain names will have several parts: a root domain, a top level domain, a second  level domain, and a subdomain. So when we look at example.

com there is also a hidden dot right after  com even though it's hidden and we don't see it but that dot is the root domain. The . com is the  top level domain and example is the second level domain.

But if there is an additional name to the  left of a second level domain then that would be a subdomain. So for example www is a common subdomain, which is why it is common to create a CNAME record pointing www. example.

com to example. com. Which is why when you type example.

com or www. example. com in your web browser you'll end up at the same  example.

com website because of that CNAME record Subdomains are also often used when a website has  different services running on the same server and are using the same IP address. So as an example  let's say that example. com has an FTP service running on the same server as their website.  

So in this case they can create a subdomain such as ftp. example. com for their FTP service  on the server and then they can create a CNAME record and have it directed to example.

com. So now when users type in ftp. example.

com in their web browser, DNS will look at the CNAME record and forward the users to example. com. Now even though it's pointing to example.

com but once  the request reaches the web server, the web server will inspect the URL that the user  has typed and direct it to its FTP service on the server. So CNAME records are similar to A records but the difference is, is that A records resolve domain names to IP addresses while  CNAMES resolve domain names to domain names And the next DNS record is MX record or mail  exchanger record. And this record is used for email.

The MX record simply points to the server  where emails should be delivered for that domain name. So for example when you send an email to Tom@example. com, your MTA or mail transfer agent will query the MX records for example.

com because  it's looking for an email server. And then DNS will respond back telling the MTA which server  to send the email to which in this case would be mail1. example.

com because that's what the MX  record points to. So that's basically what the MX record does, it tells the world which server  to send email to for a particular domain name Now MX records will generally have  two entries, a primary email server and a secondary email server along with  priority numbers. The lower the priority number means that it's the primary email  server.

But if the primary email server gets overwhelmed or goes down, then the  secondary email server would be used And the next DNS record is called SOA which stands  for start of authority. And what this does is that it stores administrative information about a DNS  zone. So what are DNS zones?

Well a DNS zone is a section of a domain name space that a certain  administrator has been delegated control over. DNS zones allow a domain namespace such as example. com to be divided into different sections.

So if we look at the domain example. com, if this domain was  broken down into three sections or subdomains such as shop. example.

com, blog. example. com, and  support.

example. com, the head administrator could create DNS zones and delegate control over  these subdomains to different administrators if he chooses to. So let's say that the shop and  blog subdomains have only a few computers in each domain and the support subdomain has many  computers.

So since these two only have a small amount of computers, the head admin could create  one zone for these two subdomains and assign an administrator to manage it. But since support  has so many computers, the head administrator has created another separate zone just for the support  subdomain and then he or she will assign another administrator to manage it. So DNS zones are  created for manageability purposes and each will have their own DNS zone file which contains an  SOA record.

So here is an example of an SOA record So just to go over a few of these categories. The  MNAME is the primary name server. The RNAME is the email address of the administrator for this zone,  where this dot here represents the @ symbol in an email.

And the serial number is a number that  represents a version in the zone. So whenever an update happens in the zone, the serial number  will change which tells the secondary servers to update as well. And the next record is the  NS record which stands for name server.

Now this record, just like its name says, provides the  name of the authoritative name server within a domain. So as I stated previously, the name server  contains all the DNS records necessary for users to find a computer or server on a local network  or on the Internet. It is a final authority in a DNS hierarchy.

And an NS record would generally  list two name servers: a primary and a secondary And the next DNS record is called SRV which  stands for service record. Now the previous DNS records that we talked about will point to  a server or an IP address. But a service record will point to a server and it'll also point to  a specific service by including a port number.

So when an application needs to find the location  of a service on a domain such as voice over IP, instant messaging, or a printer, it will look for  a service record to see if there's a listing for that specific service and it will direct it  to the correct server and correct port number And then we have a PTR or pointer record. Now this  record is basically the reverse of an A or a quad A record. So as you remember, A and quad A records  resolve domain names to IP addresses but PTR records do the opposite, they resolve IP addresses  to domain names.

PTR records are attached to email and are used to prevent email spam. So whenever an  email is received, the email server uses the PTR record to make sure that the sender is authentic  by matching the domain name in the email with its authentic IP address. This is what's known as a  reverse DNS lookup.

But if an email that is sent does not match with its correct and authentic  IP address, the email will be flagged as spam And our last record is the TXT or text. Now this record contains miscellaneous information about a domain such as general  or contact information. These are also used to prevent email spam by making sure  incoming email is coming from a trusted or authorized source.

They can also contain  other miscellaneous texts such as be sure you sign up for Aura's two-week free trial  at aura. com/powercert. So guys I want to thank you for watching this video.