What is DNS? | How DNS works
Definition
The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.
Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).
How DNS works
The process of DNS resolution involves converting a hostname (such as www.example.com) into a computer-friendly IP address (such as 192.168.1.1). An IP address is given to each device on the Internet, and that address is necessary to find the appropriate Internet device - like a street address is used to find a particular home. When a user wants to load a webpage, a translation must occur between what a user types into their web browser (example.com) and the machine-friendly address necessary to locate the example.com webpage.
In order to understand the process behind DNS resolution, it is important to learn about the different components a DNS query must pass between. For the web browser, the DNS lookup occurs “behind the scenes” and requires no interaction from the user’s computer apart from the initial request.
DNS records
DNS records (also called zone files) are instructions that live in authoritative DNS servers (name servers) and provide information about a domain, including which IP address is associated with that domain and how to handle requests for it. These records are a series of text files written in what is known as DNS syntax: a string of characters used as commands that tell the DNS server what to do. Every DNS record also has a ‘TTL’ (time-to-live), which indicates how long a DNS server may hold that record before it must refresh it.
You can think of a set of DNS records like a business listing on Yelp: that listing gives you a bunch of useful info about a business, such as its location, hours, services offered, etc. All domains are required to have at least a few essential DNS records for a user to be able to access their website using a domain name, and there are several optional records that serve additional purposes.
Common DNS record types
A Record:
A records are the most basic type. The “A” stands for “Address,” as their function is to tie a domain name directly to an IP address.
CNAME:
A Canonical Name (CNAME) record is used in the Domain Name System (DNS) to create an alias from one domain name to another domain name. A common use is to forward one domain or subdomain to another domain; a CNAME does NOT provide an IP address by itself.
MX Record:
Mail Exchange (MX) records are DNS records that are necessary for delivering email to your address. This record connects the domain name to an email service such as Exchange or Google Workspace.
TXT record:
The DNS 'text' (TXT) record lets a domain administrator enter text into the Domain Name System (DNS). Common uses for a TXT record are to verify ownership of a domain name or to add security to an email service associated with the domain name.
TXT records are also how DKIM and DMARC are published for email security.
NS record:
NS (Name Server) records identify the name servers responsible for your DNS zone. Basically, they point the domain to the servers that hold all of its DNS records.
SOA record:
Stores administrative information about a domain (zone).
SRV record:
Specifies a host and port for specific services.
PTR record:
Provides a domain name in reverse lookups.
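The record types above are what the "DNS syntax" in a zone file actually carries. The following added example (not code from the original page) parses a constructed zone in that syntax, honouring `$ORIGIN`, the `$TTL` default and a per-record TTL override, and then answers lookups the way a resolver would: an `A` query for www.example.com is satisfied only by following the CNAME to its target, because the CNAME itself carries no address; MX records are returned in priority order. The zone contents, names and addresses (192.0.2.x) are constructed, and `cname_conflicts` is a hypothetical sanity check for the rule that a name with a CNAME may hold no other records, a frequent cause of broken zones.

```python
import shlex

# Constructed sample zone in DNS syntax (not a real deployment).
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 3600
; constructed sample zone
@        IN  SOA   ns1.example.com. hostmaster.example.com. 2024010101 7200 900 1209600 300
@        IN  NS    ns1.example.com.
@        IN  NS    ns2.example.com.
@        IN  A     192.0.2.10
www      IN  CNAME example.com.
@        IN  MX    20 mail2.example.com.
@        IN  MX    10 mail.example.com.
mail     IN  A     192.0.2.25
mail2    IN  A     192.0.2.26
@   300  IN  TXT   "v=spf1 mx -all"
"""

def _fqdn(name: str, origin: str) -> str:
    """Turn '@' and relative names into fully qualified names under the current origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text: str) -> list:
    """Parse zone-file lines into records: {'name', 'ttl', 'type', 'data'}."""
    origin, default_ttl, records, last_owner = ".", 3600, [], None
    for raw in text.splitlines():
        lex = shlex.shlex(raw, posix=True)      # handles quoted TXT strings and ';' comments
        lex.commenters, lex.whitespace_split = ";", True
        tokens = list(lex)
        if not tokens:
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        if raw[0].isspace():                    # leading blank means "same owner as last line"
            owner = last_owner
        else:
            owner = last_owner = _fqdn(tokens.pop(0), origin)
        ttl = default_ttl
        if tokens[0].isdigit():                 # optional per-record TTL overrides $TTL
            ttl = int(tokens.pop(0))
        if tokens[0].upper() == "IN":
            tokens.pop(0)
        rtype = tokens.pop(0).upper()
        if rtype in ("CNAME", "NS"):
            data = _fqdn(tokens[0], origin)
        elif rtype == "MX":
            data = (int(tokens[0]), _fqdn(tokens[1], origin))
        else:
            data = " ".join(tokens)
        records.append({"name": owner, "ttl": ttl, "type": rtype, "data": data})
    return records

def lookup(records: list, name: str, rtype: str, max_chain: int = 8) -> list:
    """Answer name/rtype from the zone, chasing CNAME aliases as a resolver does."""
    for _ in range(max_chain):
        hits = [r["data"] for r in records if r["name"] == name and r["type"] == rtype]
        if hits:
            return hits
        alias = [r["data"] for r in records if r["name"] == name and r["type"] == "CNAME"]
        if not alias:
            return []
        name = alias[0]
    raise ValueError("CNAME chain too long")

def mail_servers(records: list, domain: str) -> list:
    """MX targets ordered by preference (lowest number is tried first)."""
    return sorted(lookup(records, domain, "MX"))

def cname_conflicts(records: list) -> list:
    """Names that hold a CNAME alongside other records (hypothetical check, RFC 1034 rule)."""
    aliased = {r["name"] for r in records if r["type"] == "CNAME"}
    return sorted({r["name"] for r in records if r["name"] in aliased and r["type"] != "CNAME"})

if __name__ == "__main__":
    zone = parse_zone(SAMPLE_ZONE)
    print("www A   ->", lookup(zone, "www.example.com.", "A"))
    print("MX      ->", mail_servers(zone, "example.com."))
    print("TXT TTL ->", [r["ttl"] for r in zone if r["type"] == "TXT"])
```

Note how the TXT line's explicit `300` overrides the `$TTL 3600` default that every other record inherits: that is the knob that controls how long resolvers keep the record before asking again.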
SPF record:
An SPF (Sender Policy Framework) record is a type of TXT record in your DNS zone file. SPF records help identify which mail servers are permitted to send
DKIM record:
DKIM stands for DomainKeys Identified Mail and is used for the authentication of an email that is being sent. Like SPF, DKIM is an open standard for email authentication that is used for DMARC alignment. A DKIM record exists in the DNS, but it is a bit more complicated than SPF.
DMARC record:
A DMARC record is the core of a DMARC implementation; it is where the DMARC rulesets (the policy) are defined.
DMARC:
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email validation system designed to protect your company’s email domain from being used for email spoofing, phishing scams and other cybercrimes.
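Since SPF and DMARC both live in TXT records, the text above can be turned into a working check. This added example (not code from the original page) evaluates an SPF record for a given sending IP, following `include:` into other records while enforcing the 10-lookup limit from RFC 7208, and parses a DMARC record into its tags so that a defender can spot a permissive posture (`+all` in SPF, `p=none` in DMARC, no `rua` reporting address). The TXT records in the `TXT` table are constructed stand-ins for live DNS so that everything runs offline; the domains, addresses and `assess_domain` helper are hypothetical.

```python
import ipaddress

# Constructed TXT records standing in for DNS lookups (no network access).
TXT = {
    "example.com": ["v=spf1 ip4:192.0.2.0/24 include:_spf.mail.example.net -all"],
    "_spf.mail.example.net": ["v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all"],
    "_dmarc.example.com": ["v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com; pct=100"],
    "weak.example": ["v=spf1 +all"],
    "_dmarc.weak.example": ["v=DMARC1; p=none"],
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def get_spf(domain: str):
    """The domain's single SPF record, or None (two SPF records would be a permerror)."""
    found = [t for t in TXT.get(domain, []) if t.lower().startswith("v=spf1")]
    return found[0] if len(found) == 1 else None

def evaluate_spf(ip: str, domain: str, _budget=None) -> str:
    """SPF result for a message from `ip` claiming `domain`: pass/fail/softfail/neutral/none/permerror."""
    if _budget is None:
        _budget = [10]                            # RFC 7208: at most 10 DNS-querying mechanisms
    record = get_spf(domain)
    if record is None:
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qual = "+"
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        mech = mech.lower()
        if mech == "all":
            matched = True
        elif mech in ("ip4", "ip6"):
            # an IPv4 address never matches an IPv6 network, and vice versa
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif mech == "include":
            _budget[0] -= 1
            if _budget[0] < 0:
                return "permerror"
            sub = evaluate_spf(ip, arg, _budget)
            if sub == "permerror":
                return "permerror"
            matched = sub == "pass"               # include matches only on a pass
        else:
            return "permerror"                    # a, mx, ptr, exists need live DNS; not modelled here
        if matched:
            return QUALIFIERS[qual]
    return "neutral"                              # no mechanism matched and no explicit 'all'

def get_dmarc(domain: str):
    """DMARC tags for the domain as a dict (e.g. {'v': 'DMARC1', 'p': 'reject', ...}) or None."""
    for t in TXT.get("_dmarc." + domain, []):
        if t.upper().startswith("V=DMARC1"):
            tags = {}
            for part in t.split(";"):
                key, sep, value = part.partition("=")
                if sep:
                    tags[key.strip().lower()] = value.strip()
            return tags
    return None

def assess_domain(domain: str) -> list:
    """Hypothetical posture check: findings a defender would want to fix."""
    findings = []
    spf = get_spf(domain)
    if spf is None:
        findings.append("no SPF record")
    elif any(t.lstrip("+").lower() == "all" and not t.startswith(("-", "~", "?")) for t in spf.split()[1:]):
        findings.append("SPF ends in +all: any host may send as this domain")
    dmarc = get_dmarc(domain)
    if dmarc is None:
        findings.append("no DMARC record")
    else:
        if dmarc.get("p", "none") == "none":
            findings.append("DMARC p=none: failing mail is delivered, only reported")
        if "rua" not in dmarc:
            findings.append("DMARC has no rua address: no aggregate reports will arrive")
    return findings

if __name__ == "__main__":
    for ip in ("192.0.2.55", "198.51.100.10", "2001:db8::1", "203.0.113.5"):
        print(ip, "->", evaluate_spf(ip, "example.com"))
    print(get_dmarc("example.com"))
    print(assess_domain("weak.example"))
```

The include branch is where the lookup budget matters: each `include:` costs one of the ten permitted lookups, and a record that exceeds the limit evaluates to `permerror` rather than `pass`, which is why sprawling SPF records often fail in practice.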
Tools
Here are some links to useful DNS inspection tools