
The 2-minute DNS guide

DNS is the "glue" that holds everything together.

Written by Admin account
Updated over a week ago


The main function of DNS is to map names to IP addresses. Although machines are perfectly fine with using numbers to communicate, people aren't (especially with the gazillion Internet devices around these days).

But DNS is not just a server with records for other servers. The DNS system spans the globe and is made up of a hierarchy of organisational units, resembling a tree. At the root there is ICANN, a nonprofit organisation responsible for the policy, creation and management of new top-level domains (such as .com and .uk), as well as for operating the root name servers and managing the IPv4 and IPv6 address space.

Then there are the top-level domain registries (companies like VeriSign), which own top-level domains and sell them "in bulk" to the registrars, which organisationally fall under them. Domain registrars are the companies you go to when you buy a domain for your website.

At the final level of the organisation, there is the domain (which you are responsible for) and its records. The nameserver that you select to hold the records of your domain is called the authoritative name server, meaning that it is this nameserver that holds the "official" records for your domain.

The DNS protocol describes a lot of different records for different purposes but the most common ones you will work with are A, AAAA, CNAME, TXT and MX records:

Address (A)

The Address (or simply A) record is probably the most fundamental and widely used. It is the one that maps names to IP addresses. For example, the following record:

yourwebsite.com. IN A 23.9.62.14 

will map the domain yourwebsite.com to IP address 23.9.62.14. The IP address is usually given to you by your hosting provider.  

Note: Pressidium websites might use two (2) or more A records depending on the website type and domain name.

"Quad A" (AAAA)

An AAAA (Quad A) record is similar to an A record, but it maps a domain to an IPv6 address instead of an IPv4 address (e.g., example.com → 2001:0db8::1).

Note: Pressidium websites might use two (2) or more AAAA records depending on the website type and domain name.

Canonical Name (CNAME)

The CNAME record is used to create a host alias. Instead of pointing directly to an IP address like an A record, a CNAME points to another domain name. This is typically used when you need multiple hostnames (www, ftp, mail) to point to the same domain, for instance when the same server is also responsible for ftp or mail. For example:

www        IN      CNAME  yourwebsite.com. 

will create a 'www' alias to yourwebsite.com, so that when someone connects to www.yourwebsite.com, they will be redirected to yourwebsite.com. An advantage of CNAME records is that if the target domain’s IP changes, you don’t need to update the CNAME; it always follows the canonical target. CNAME records do have some limitations:

  • Cannot be used at the apex (root) domain (see notes below for exceptions)

  • CNAME must be the only record for that hostname. You can’t have an A record and CNAME for the same name.
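
The two limitations above can be checked mechanically before a zone is published. The following is an added example, not Pressidium's own tooling: the record list is constructed, host.example.net. is a hypothetical target, and the check applies the standard rules, so a provider that offers CNAME flattening at the apex is not modelled.

```python
# Added example: check zone-file style records against the two CNAME rules.
APEX = "yourwebsite.com."   # zone origin, taken from the page's examples

# Constructed sample records (owner, type, value); not a real zone.
RECORDS = [
    ("@",   "A",     "23.9.62.14"),
    ("www", "CNAME", "yourwebsite.com."),
    ("ftp", "CNAME", "yourwebsite.com."),
    ("ftp", "A",     "23.9.62.14"),         # shares a name with a CNAME
    ("@",   "CNAME", "host.example.net."),  # CNAME at the apex (hypothetical target)
]

def fqdn(owner, apex=APEX):
    """Expand a zone-file owner ('@', relative, or absolute) to a full name."""
    owner = owner.lower()
    if owner == "@":
        return apex
    return owner if owner.endswith(".") else f"{owner}.{apex}"

def lint_cnames(records, apex=APEX):
    """Return sorted (name, rule) findings for CNAME rule violations."""
    types_by_name = {}
    for owner, rtype, _value in records:
        types_by_name.setdefault(fqdn(owner, apex), []).append(rtype.upper())
    findings = []
    for name, types in sorted(types_by_name.items()):
        if "CNAME" not in types:
            continue
        if name == apex:
            findings.append((name, "cname-at-apex"))
        if len(types) > 1:
            # A CNAME may not share its name with any other record.
            findings.append((name, "cname-not-alone"))
    return findings

if __name__ == "__main__":
    for name, rule in lint_cnames(RECORDS):
        print(f"{rule}: {name}")
```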

Mail Exchange (MX)

The MX record defines which mail server, identified by a hostname that has its own A record, handles all incoming email for the domain. For example, if you want mail.yourwebsite.com to handle all mail addressed to yourwebsite.com, you use the following MX records:

yourwebsite.com. IN MX 10 mail.yourwebsite.com.

yourwebsite.com. IN MX 20 mail-backup.yourwebsite.com.

The number next to the MX string corresponds to priority; lower numbers are tried first. If for some reason mail.yourwebsite.com becomes unavailable, then all mail will be handled by mail-backup.yourwebsite.com.

Text Record (TXT)

The TXT record is a type of DNS record used to store arbitrary text data. It was originally intended for human-readable notes but is now primarily used for verification and security purposes. Some of the most common uses include:

Domain Ownership Verification: Used by services to verify you own the domain.

Example:    google-site-verification=abc123xyz

Email Security & Anti-Spam Measures:

SPF (Sender Policy Framework): Specifies which mail servers are allowed to send email on behalf of your domain.

v=spf1 include:_spf.google.com ~all

DKIM (DomainKeys Identified Mail): Stores the public key used to verify that email messages aren't tampered with.

v=DKIM1; k=rsa; p=MIGfMA0G...base64encodedkey

DMARC (Domain-based Message Authentication, Reporting, and Conformance): Provides instructions to mail servers on how to handle authentication failures.

v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com
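
When reviewing a domain's email posture, the useful question is what each of these records actually tells a receiving server to do. The following added example (not part of the original article) classifies the four TXT strings shown above and reports the stated policy; the function names are illustrative, and the DKIM key is kept truncated exactly as the page shows it.

```python
# Added example: classify the TXT record styles shown above and report
# the policy each one states. Record strings are the page's own samples.
SAMPLES = [
    "google-site-verification=abc123xyz",
    "v=spf1 include:_spf.google.com ~all",
    "v=DKIM1; k=rsa; p=MIGfMA0G...base64encodedkey",
    "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com",
]

def parse_tags(txt):
    """Split a 'tag=value; tag=value' record (DKIM/DMARC) into a dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def spf_all_result(terms):
    """Return what SPF tells receivers to do with senders not listed."""
    alls = [t for t in terms[1:] if t.lstrip("+-~?") == "all"]
    if not alls:
        return "no-all"          # no catch-all 'all' term present
    qualifier = alls[-1][0]      # '-', '~', '?', '+', or 'a' when omitted
    return {"-": "fail", "~": "softfail", "?": "neutral"}.get(qualifier, "pass")

def classify(txt):
    """Return (kind, finding) for one TXT record string."""
    terms = txt.lower().split()
    if terms and terms[0] == "v=spf1":
        return ("spf", spf_all_result(terms))
    tags = parse_tags(txt)
    if tags.get("v") == "DMARC1":
        policy = tags.get("p", "").lower()
        valid = ("none", "quarantine", "reject")
        return ("dmarc", policy if policy in valid else "invalid")
    if tags.get("v") == "DKIM1":
        # An empty p= tag means the key has been revoked.
        return ("dkim", "key-present" if tags.get("p") else "revoked")
    return ("other", None)

if __name__ == "__main__":
    for record in SAMPLES:
        print(classify(record), record)
```

For the samples above, the SPF record yields softfail (unlisted senders are marked rather than rejected) and the DMARC record yields none (monitoring only: failures are reported but no action is requested).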

Additional DNS Glossary

Redirect Domain

A redirect domain automatically forwards visitors from one domain to another. For instance, if myblog.net redirects to myblog.com, any traffic to the former will be sent to the latter (this is achieved via HTTP redirects).

Subdomain

A subdomain is a prefix added to a domain to organize or separate content (e.g., blog.example.com or shop.example.com). It is part of the larger domain hierarchy.

Wildcard Domain

A wildcard domain uses an asterisk * to represent all possible subdomains (e.g., *.example.com). This is often used to apply DNS settings or SSL certificates to every subdomain.

*.example.com → all subdomains like: 

- support.example.com
- mail.example.com
- any.example.com

Apex Domain

An apex domain, also known as a "naked" domain, is a domain name without any subdomains. It's the root or base of the domain — the simplest possible form.

Examples:

  • Apex/Naked Domain: example.com

  • Subdomain: www.example.com, blog.example.com, shop.example.com

Characteristics:

  • No prefix like www or mail.

  • It's what you register when you buy a domain.

  • Often used as the primary version of a website, though many sites redirect from example.com to www.example.com or vice versa.

In DNS context, apex domains can be tricky because:

  • Traditionally, you can't set a CNAME record at the apex (since it conflicts with other necessary records like NS and SOA). While this is not allowed per se by the respective RFCs, many popular DNS providers support setting a CNAME record at the apex domain by using CNAME flattening (see below).

  • Alternatively, DNS providers often use ALIAS or ANAME records to let you point an apex domain to services that require a CNAME record at the apex domain level.

CNAME Flattening

CNAME flattening is a DNS feature that allows you to use CNAME-like behavior at the apex domain level (which normally only supports A or AAAA records). It resolves the target of the CNAME to an IP address and returns that instead. CNAME flattening support varies by DNS provider, but most popular providers support it.

Top Level Domain (TLD)

A TLD is the last segment of a domain name after the final dot (e.g., .com, .org, .net, .io). It signifies the domain's category or country association.

Examples:

  • .com (commercial)

  • .org (organization)

  • .net (network)

  • .ai (AI related)

  • .uk, .jp, .fr (country-code TLDs)

example.com → TLD = .com


