Home
Services
Cybersecurity Website Design

Network Security Design

Network Visibility Design

Technical Marketing Management

Virtual Cybersecurity Solutions Architect
At Sovergence we specialize in delivering top-tier cybersecurity design, technical marketing, and consulting solutions. Our customized services drive business success and help our clients reach the next level. We excel in enhancing the service portfolios of Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), Value-Added Resellers (VARs), and Managed IT Service Providers. Our offerings include advanced technical design services, detailed architectural documentation, effective sales tools, and comprehensive technical marketing tools. These empower organizations to provide superior solutions and foster growth.
Articles
About
Contact

DNS: Types of DNS Records, DNS Servers and DNS Query Types

Need a refresher on DNS concepts? This post introduces DNS and explains:

three types of DNS queries—recursive, iterative, and non-recursive
three types of DNS servers—DNS Resolver, DNS Root Server, and Authoritative Name Server
ten types of common DNS records—including A, AAAA, CNAME, MX, and NS

Finally, we’ll give you a sneak peek into the amazing things the next generation of DNS servers can achieve.

How DNS Works

DNS is a global system for translating IP addresses to human-readable domain names. When a user tries to access a web address like “example.com,” their web browser or application performs a DNS Query against a DNS server, supplying the hostname. The DNS server takes the hostname and resolves it into a numeric IP address to which the web browser can connect.

A DNS Resolver component is responsible for checking if the hostname is available in the local cache. If not, it contacts a series of DNS Name Servers until it eventually receives the IP of the service the user is trying to reach and returns it to the browser or application. This usually takes less than a second.

DNS Types: 3 DNS Query Types

There are three types of queries in the DNS system:

Recursive Query

In a recursive query, a DNS client provides a hostname, and the DNS Resolver “must” provides an answer—it responds with either a relevant resource record or an error message if it can’t be found. The resolver starts a recursive query process, starting from the DNS Root Server until it finds the Authoritative Name Server (for more on Authoritative Name Servers, see DNS Server Types below) that holds the IP address and other information for the requested hostname.

Iterative Query

A DNS client provides a hostname in an iterative query, and the DNS Resolver returns the best answer possible. If the DNS resolver has the relevant DNS records in its cache, it replaces them. If not, it refers the DNS client to the Root Server or another Authoritative Name Server nearest to the required DNS zone. The DNS client must then repeat the query directly against the DNS server it was referred.

Non-Recursive Query

A non-recursive query is a query in which the DNS Resolver already knows the answer. It either immediately returns a DNS record because it already stores it in the local cache or queries a DNS Name Server which is authoritative for the record, meaning it holds the correct IP for that hostname. In both cases, there is no need for additional rounds of queries (like in recursive or iterative queries). Instead, a response is immediately returned to the client.

DNS Types: 3 Types of DNS Servers

The following are the most common DNS server types used to resolve hostnames into IP addresses.

DNS Resolver

A DNS resolver (recursive resolver) is designed to receive DNS queries, which include a human-readable hostname such as “www.example.com,” and is responsible for tracking the IP address for that hostname.

DNS Root Server

The root server is the first step in the journey from hostname to IP address. The DNS Root Server extracts the Top Level Domain (TLD) from the user’s query — for example, www.example.com —… provides details for the .com TLD Name Server. That server will provide details for domains with the .com DNS zone, including “example.com.”

There are 13 root servers worldwide, indicated by the letters A through M, operated by organizations like the Internet Systems Consortium, Verisign, ICANN, the University of Maryland, and the U.S. Army Research Lab.

Authoritative DNS Server

Higher-level servers in the DNS hierarchy define which DNS server is the “authoritative” name for a specific hostname, meaning it holds the up-to-date information for that hostname.

The Authoritative Name Server is the last stop in the name server query—it takes the hostname and returns the correct IP address to the DNS Resolver (or if it cannot find the domain, returns the message NXDOMAIN).

DNS Types: 10 Top DNS Record Types

DNS servers create a DNS record to provide important information about a domain or hostname, particularly its current IP address. The most common DNS record types are:

Address Mapping record (A Record)—also known as a DNS host record, stores a hostname and its corresponding IPv4 address.
IP Version 6 Address record (AAAA Record)—stores a hostname and its corresponding IPv6 address.
Canonical Name record (CNAME Record)—can be used to alias a hostname to another hostname. When a DNS client requests a record containing a CNAME that points to another hostname, the DNS resolution process is repeated with the new hostname.
Mail exchanger record (MX Record)—specifies an SMTP email server for the domain that routes outgoing emails to an email server.
Name Server records (NS Record)—specifies that a DNS Zone, such as “example.com,” is delegated to a specific Authoritative Name Server and provides the name server’s address.
Reverse-lookup Pointer records (PTR Record)—allows a DNS resolver to provide an IP address and receive a hostname (reverse DNS lookup).
Certificate record (CERT Record)—stores encryption certificates—PKIX, SPKI, PGP, and so on.
Service Location (SRV Record)—a service location record, like MX but for other communication protocols.
Text Record (TXT Record)—typically carries machine-readable data such as opportunistic encryption, sender policy framework, DKIM, DMARC, etc.
Start of Authority (SOA Record)—this record appears at the beginning of a DNS zone file. It indicates the Authoritative Name Server for the current DNS zone, contact details for the domain administrator, domain serial number, and information on how frequently DNS information for this zone should be refreshed.

DNS Can Do Much More

Now that we’ve covered the major types of traditional DNS infrastructure, you should know that DNS can be more than just the “plumbing” of the Internet. Advanced DNS solutions can help do some fantastic things, including:

Global server load balancing (GSLB): fast routing of connections between globally distributed data centers
Multi CDN: routing users to the CDN that will provide the best experience
Geographical routing: identifying the physical location of each user and ensuring they are routed to the nearest possible resource
Data center and cloud migration: moving traffic in a controlled manner from on-premise resources to cloud resources
Internet traffic management: reducing network congestion and ensuring traffic flows to the appropriate resource in an optimal manner

These capabilities are made possible by next-generation DNS servers that can intelligently route and filter traffic. Learn more about NS1’s intelligent DNS platform and take DNS to the next level.

Resource:

https://ns1.com/resources/dns-types-records-servers-and-queries

Get Updates And Stay Connected -Subscribe To Our Newsletter

SOVERGENCE

Security Oriented Convergence refers to the integration and unification of physical security, cybersecurity, and operational security systems and processes into a cohesive framework. The goal of this approach is to create a more resilient, comprehensive security posture that addresses both digital and physical threats effectively.