Questions tagged [domain-name-system]

The Domain Name System, usually referred to by the acronym DNS, is a hierarchical, distributed database where the keys are domain names. Questions involving publicly accessible domains should include the real, Fully Qualified Domain Name (FQDN).

The primary references are:

  • RFC 1034 - Domain Names - Concepts and Facilities
  • RFC 1035 - Domain Names - Implementation and Specification

These documents collectively form STD 13. RFC 2181 is a frequently cited reference for STD 13 that addresses some of the more confusing areas of operation.

The most common record types found in the DNS are:

  • "A" records - the mapping from a domain name to an IPv4 address
  • "AAAA" records - the mapping from a domain name to an IPv6 address
  • "MX" records - the mapping from a domain name to the host name of an SMTP server
  • "NS" records - used to delegate a portion of the hierarchy to specific DNS servers
  • "PTR" records - typically used (via in-addr.arpa.) to map an IPv4 address back to a domain name
  • "CNAME" records - used to alias a domain name to its canonical version

DNS packets are conventionally transported over UDP and TCP port 53. UDP is more commonly used, but larger DNS responses and zone transfers require TCP. See RFC 5966.

This Wikipedia article provides an approachable introduction to DNS.

12405 questions
147 votes, 3 answers

What's the meaning of '@' in a DNS zone file?

I have the following data in my DNS zone file for my domain: $ORIGIN mydomain.com. @ IN A 208.X.Y.Z mail IN A 208.X.Y.Z ... etc.. What does the @ line mean? I know what an A record is.. but a host with an ampersand at…
Pure.Krome
80 votes, 11 answers

Private IP address in public DNS

We have an SMTP only mail server behind a firewall which will have a public A record of mail.. The only way to access this mail server is from another server behind the same firewall. We do not run our own private DNS server. Is it a good idea to…
Geoff Dalgas
80 votes, 3 answers

How long does negative DNS caching typically last?

If a DNS server looks up a record and it's missing, it will often "negatively cache" the fact that this record is missing, and not try to look it up again for a while. I don't see anything in the RFC about what the TTL on negative caching should be, so…
Leopd
73 votes, 1 answer

How long does it take for DNS records to propagate?

This is a Canonical Question about DNS Propagation. How long does it take for the various types of records to propagate? Do some propagate faster than others? Why does it take time for DNS records to propagate and how does it work?
user38535
66 votes, 7 answers

DNS failing to propagate worldwide

I haven't changed anything related to the DNS entry for serverfault.com, but some users were reporting today that the serverfault.com DNS fails to resolve for them. I ran a justping query and I can sort of confirm this -- serverfault.com dns appears…
Jeff Atwood
43 votes, 5 answers

Why does DNS work the way it does?

This is a Canonical Question about DNS (Domain Name Service). If my understanding of the DNS system is correct, the .com registry holds a table that maps domains (www.example.com) to DNS servers. What is the advantage? Why not map directly to an…
sabof
40 votes, 6 answers

DNS - Multiple A records or 1 A record and lots of CNAMEs?

Let's say I have a webserver, called 'www'. www.example.com resolves to the IP address of that machine. Then I wanna make some virtual hosts, and DNS records for them, like webmail.example.com. For 'webmail', should I put in an A record with www's IP…
Amandasaurus
37 votes, 8 answers

Is there a way to use a specific DNS for a specific domain?

At work we use OpenDNS and it has wrongly blocked irc.freenode.net for malware. How can I make sure that any request for *.freenode.net goes to 8.8.8.8 and 8.8.4.4 (Google's DNS)? I tried doing this by fiddling with resolv.conf on Ubuntu, but I…
vivin
36 votes, 4 answers

What is the name for a DNS record starting with @?

I know that DNS records starting with * are called Wildcard records. What is the name for a DNS record starting with @ (the at symbol)? This is a record for the root domain (e.g. just example.com, not www.example.com). I want to find out more, but…
dunxd
34 votes, 3 answers

How do DNS clients choose an IP address when they get multiple answers?

When a DNS server is looking up an IP address for a client, and it receives a list of multiple DNS servers to query, how does it choose one? Similarly, when a DNS client receives a list of multiple IP addresses for a FQDN, how does it choose one? Is…
bpfinn
33 votes, 2 answers

Why is geo-redundant DNS necessary for small sites?

This is a Canonical Question about DNS geo-redundancy. It's extremely common knowledge that geo-redundant DNS servers located at separate physical locations are highly desirable when providing resilient web services. This is covered in-depth by…
Andrew B
30 votes, 8 answers

Why should one have a secondary DNS server?

I'm very confused. I basically understand how DNS works. Here's an example that helps illustrate what I'm having trouble understanding. Right now, I run a small web-server. I use my provider's DNS manager, so I don't have a DNS server hosted on the…
Sam Levin
29 votes, 2 answers

How do I set up a "secure" open resolver?

This is a Canonical Question about securing public DNS resolvers. Open DNS servers seem pretty neat and convenient, as they provide IP addresses that we can use consistently across our company regardless of where they are located. Google and…
Andrew B
28 votes, 2 answers

Is it possible to trace the delegation path for a DNS lookup?

I'm trying to determine why a Nagios host check is failing (hostnames and IPs have been changed to protect the guilty): : jmglov@laurana; host www.foo.com ;; connection timed out; no servers could be reached : jmglov@laurana; for ns in `grep -o…
26 votes, 3 answers

How exactly should I set up DNS to delegate authority for subdomains?

I have servers hosted at a hosting provider and they also host the DNS records for my domain names. Now I want to add subdomains that are resolved by my own DNS service. So for example: the hosting provider's name server knows the IP address for…
Hanno Fietz