DNS records: difference between revisions

From De Vliegende Brigade
 
Regel 187: Regel 187:
 
* '''mail.example.com''' is the hostname of the mail server responsible for handling email for example.com. The "." indicates again a final address.
 
* '''mail.example.com''' is the hostname of the mail server responsible for handling email for example.com. The "." indicates again a final address.
  
 +
=== Subdomains ===
  
 +
You can have separate MX entries for subdomains, and these entries operate indipendently of each other.
  
=== Independent subdomain entries ===
+
As an example, consider these MX entries:
 +
 
 +
<pre>
 +
example.com.            MX  10  mail.example.com.
 +
feedback.example.com.  MX  10  feedback-mail.example.com.
 +
</pre>
 +
 
 +
* Email send to <code>user@example.com</code> will be routed to <code>mail.example.com</code>
 +
* Email send to <code>user@feedback.example.com</code> will be routed to <code>feedback-mail.example.com</code>
  
 
== NS records ==
 
== NS records ==
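
Review bot: the added sentence under "=== Subdomains ===" misspells "independently" as "indipendently", and both added bullets read "Email send to" where "Email sent to" is meant. The two MX lines inside the pre block write owner and target with a trailing dot, while the bullets below them quote the same host names without it; suggest a short remark that the dotted form is the zone-file notation so readers do not take them for different names.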

Current revision as of 26 Mar 2024, 17:38

DNS, or Domain Name System, is the signpost system for the Internet. Active domain names have one or more DNS records associated with them. Let's have a closer look at these DNS records in this article.

DNS record fields

DNS records usually consist of about four fields, with some extra fields added by some providers:

DNS record fields
Part           Alternative names & notes
------------   ---------------------------------------------
Name           Name; Host; Naam (TransIP)
Type           Type; Record type
TTL            TTL; Time to live
Value          Value; Content (CloudFlare); Waarde (TransIP)
Proxy status   CloudFlare-specific field
Comment        CloudFlare-specific field - Might be useful

Record types - Overview

Common DNS record types
Type    Name                    Notes
-----   ---------------------   -----------------------------------------------
A       IPv4 A record           IPv4 address of the site
AAAA    IPv6 AAAA record        IPv6 address of the site
CNAME   Canonical name record   To alias one domain name to another; to create aliases or nicknames for a domain, pointing one domain to the canonical (official) name of another domain
MX      Mail Exchange record    Address of the email server for this domain
NS      Name Server record      NS records specify the authoritative name servers for a domain or subdomain
TXT     TXT record              For storing arbitrary text, typically things that don't fit anywhere else

CNAME records

CNAME (Canonical Name) records are used to create an alias or nickname for a domain. They allow one domain to be mapped or pointed to another domain. CNAME records are commonly used when you want a particular domain or subdomain to resolve to the same IP address as another domain.

Some aspects

Alias Creation: CNAME records are used to create an alias for a domain. For example, if you have a website accessible at www.example.com and you want blog.example.com to point to the same location, you can create a CNAME record for blog.example.com that points to www.example.com.

Canonical Name: The term "Canonical Name" implies the true or official name. In the context of CNAME records, it means that the alias (CNAME) points to the canonical (official) name of the domain.

No IP Address Directly: CNAME records do not contain IP addresses directly. Instead, they point to the canonical domain name, and the IP address is resolved by looking up the A (Address) or AAAA (IPv6 Address) records associated with the canonical name.

Use Cases: CNAME records are commonly used for creating subdomain aliases, implementing content delivery networks (CDNs), and simplifying domain management by pointing multiple domain names to a single server.

Propagation Time: Changes to CNAME records may take some time to propagate throughout the DNS system. This propagation delay is due to DNS caching at various levels, and it can take up to 48 hours for changes to be widely recognized.

Trailing dot

Note the dot at the end of a CNAME record like:

Name         Type    Value
----------   -----   -------------------------
autoconfig   CNAME   autoconfig.transip.email.

In DNS, the dot at the end indicates that the domain name is a fully qualified domain name (FQDN).

It seems similar to having a trailing / at the end of an Apache Redirect statement, e.g.:

Redirect / https://example.com/

When this trailing slash on the second argument is omitted, redirects may end up looking like

http://example.comhttps://example.com

More about this trailing dot:

Fully Qualified Domain Name (FQDN): An FQDN represents the complete and unambiguous domain name of a specific host or resource in the DNS hierarchy. It includes the top-level domain (TLD), domain, subdomains, and the final hostname.

Root of the DNS Hierarchy: The dot (.) at the end signifies the root of the DNS hierarchy. It is the top-level domain that encompasses all other domains. When you include the dot, you are explicitly stating that the domain is fully specified, and it is not relative to the current domain or any specific DNS search path.

Prevents DNS Search Path Appending: Without the trailing dot, the DNS resolver might append the domain name to the end of the current domain's search path, potentially leading to unexpected behavior. Including the dot ensures that the domain is treated as an absolute, fully qualified domain name.

Examples

Some examples of DNS entries for domain example.com:

Name         Type    Value
----------   -----   -------------------------
autoconfig   CNAME   autoconfig.transip.email.

In this first example, URL autoconfig.example.com is redirected to the FQDN autoconfig.transip.email. (hence the trailing dot). Concerning this specific example from TransIP: When you type in the URL autoconfig.example.com (but with a domain name registered with TransIP), you are redirected to the webmail page. Mail clients will find other information at the destination, though.

Name       Type    Value
--------   -----   -----------
@          A       12.34.56.78
www        CNAME   @
blog       CNAME   @
www.blog   CNAME   @

CNAME send record

And now for some problems:

Name   Type    Value
----   -----   ---------------------
send   CNAME   abc.123.sendgrid.net.
send   NS      ns1.klaviyo.com
send   NS      ns2.klaviyo.com
send   NS      ns3.klaviyo.com
send   NS      ns4.klaviyo.com
  • The last four entries are NS records, meaning that DNS entries for subdomain send.example.com are delegated to the four Klaviyo servers mentioned
  • The first entry is a regular CNAME record, meaning that URL send.example.com is redirected to URL abc.123.sendgrid.net

The problem here is that CNAME records need to be unique - No other records are allowed to have the same name.

MX records

MX (Mail Exchange) records, or entries, are used to specify the mail server responsible for receiving email messages on behalf of a domain.

General

When someone sends an email to an address within a particular domain (e.g., user@example.com), the sending mail server looks up the MX records for the recipient's domain to determine where to deliver the email. The MX records point to one or more mail servers that are designated to handle incoming email for that domain.

MX records consist of two main components:

  • Priority: This is a numeric value indicating the priority of the mail server. Lower values indicate higher priority. When multiple MX records are present for a domain, the sending mail server will attempt to deliver email to the server with the lowest priority value first. If that server is unavailable, it will try the one with the next-higher value, and so on.
  • Mail server hostname: This is the domain name of the mail server responsible for receiving emails for the domain. It can be either a fully qualified domain name (FQDN) or an IP address.

Example

Let's look at the different parts of the DNS entry:

example.com.    IN    MX    10    mail.example.com.
  • example.com is the domain for which the MX record is set. The trailing "." indicates that this address is final - No stuff can be concatenated
  • IN indicates the class of the record (in this case, Internet) - I think this field is usually hidden
  • MX specifies the type of record.
  • 10 is the priority value.
  • mail.example.com is the hostname of the mail server responsible for handling email for example.com. The "." indicates again a final address.

Subdomains

You can have separate MX entries for subdomains, and these entries operate independently of each other.

As an example, consider these MX entries:

example.com.            MX   10   mail.example.com.
feedback.example.com.   MX   10   feedback-mail.example.com.
  • Email sent to user@example.com will be routed to mail.example.com
  • Email sent to user@feedback.example.com will be routed to feedback-mail.example.com
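
The priority ordering and the independence of subdomain MX sets, worked through as an added example (not part of the original article). The zone lines follow the page's notation; the priority-20 entry backup-mail.example.com and the function names are assumptions made for illustration.

```python
import re

# Constructed zone lines in the page's format; the class field (IN) is optional.
# The priority-20 record is added here only to show the ordering.
ZONE = """
example.com.            IN  MX  10  mail.example.com.
example.com.                MX  20  backup-mail.example.com.
feedback.example.com.       MX  10  feedback-mail.example.com.
"""

MX_LINE = re.compile(r"^(\S+)\s+(?:IN\s+)?MX\s+(\d+)\s+(\S+)$", re.IGNORECASE)


def parse_mx(zone_text):
    """Return {owner: [(priority, host), ...]}; non-MX lines are ignored."""
    table = {}
    for line in zone_text.splitlines():
        m = MX_LINE.match(line.strip())
        if m:
            owner, host = m.group(1).lower(), m.group(3).lower()
            table.setdefault(owner, []).append((int(m.group(2)), host))
    return table


def delivery_order(table, address):
    """Hosts a sending server would try for `address`, lowest value first."""
    domain = address.rsplit("@", 1)[1].lower().rstrip(".") + "."
    # Exact owner match only: a subdomain does not inherit the parent's MX set.
    # Equal priorities are ordered by name here to keep the output stable;
    # real senders choose among equal priorities at random.
    return [host for _, host in sorted(table.get(domain, []))]


if __name__ == "__main__":
    mx = parse_mx(ZONE)
    for rcpt in ("user@example.com", "user@feedback.example.com",
                 "user@other.example.com"):
        print(rcpt, "->", delivery_order(mx, rcpt))
```

The third address shows that a subdomain without its own MX entry gets an empty list rather than the MX hosts of example.com.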

NS records

DNS NS (Name Server) records are a type of DNS (Domain Name System) record that specifies the authoritative name servers for a domain. These authoritative name servers are responsible for providing information about the domain, including the mapping of domain names to IP addresses. NS records play a crucial role in the DNS hierarchy and the delegation of domains:

Overview

Authoritative Name Servers: NS records indicate the authoritative name servers that hold the official DNS records for a specific domain. These servers are responsible for resolving queries related to that domain.

Delegation of Subdomains: NS records are used to delegate subdomains to different name servers. For example, if a domain owner wants to delegate the authority for a subdomain (e.g., subdomain.example.com) to a different set of name servers, NS records are used to specify those authoritative name servers.

Example NS record for delegation:

example.com.   IN   NS   ns1.example.net.

An example of using NS records may be when a company owns e.g., .com.es and rents out various subdomains of this domain name. For each such subdomain, an NS record could be used to allow the lessee to manage the DNS entries of his/her subdomain.

See also the example concerning send in an earlier chapter.

Multiple NS Records: It's common to have multiple NS records for redundancy and load balancing. These records list the authoritative name servers for the domain, and DNS resolvers can use any of them to obtain DNS information.

Example with multiple NS records:

example.com.   IN   NS   ns1.example.net.
example.com.   IN   NS   ns2.example.net.

Propagation Time

I have the impression that propagation of NS entries is different from other DNS entries, and that changes can be near-instantaneous.

Trailing dot

NS entries usually have a trailing dot, similar to CNAME entries, as discussed elsewhere. However, CloudFlare strips these trailing dots - So it's fine to do without (at least, at CloudFlare).

Send records

Conflict

Let's look again at these DNS entries from an earlier example:

Name   Type    Value
----   -----   ---------------------
send   CNAME   abc.123.sendgrid.net.
send   NS      ns1.klaviyo.com
send   NS      ns2.klaviyo.com
send   NS      ns3.klaviyo.com
send   NS      ns4.klaviyo.com

What happens here:

  • SendGrid wants URL send.example.com to be redirected to one of their servers
  • Klaviyo wants to completely take over DNS management for subdomain send.example.com

To put it differently: This domain name makes use of two services that both want to use the send subdomain for their own purposes.
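
A check for this kind of conflict, as an added example (not part of the original article): it expands each record name to an FQDN using the trailing-dot rules described earlier and reports every name that carries a CNAME together with other records. The record list is constructed from the page's tables; the helper names and the zone-file interpretation of names without a trailing dot are assumptions.

```python
from collections import defaultdict

ORIGIN = "example.com."  # assumed zone origin, as used throughout the page

# Constructed from the page's tables (provider-UI style: name, type, value).
RECORDS = [
    ("send", "CNAME", "abc.123.sendgrid.net."),
    ("send", "NS", "ns1.klaviyo.com"),
    ("send", "NS", "ns2.klaviyo.com"),
    ("send", "NS", "ns3.klaviyo.com"),
    ("send", "NS", "ns4.klaviyo.com"),
    ("@", "A", "12.34.56.78"),
    ("www", "CNAME", "@"),
    ("autoconfig", "CNAME", "autoconfig.transip.email."),
]


def qualify(name, origin=ORIGIN):
    """Expand a name to an FQDN the way a zone file does (hypothetical helper)."""
    name = name.strip().lower()
    if name == "@":
        return origin                # "@" stands for the zone origin itself
    if name.endswith("."):
        return name                  # absolute: nothing is appended
    return f"{name}.{origin}"        # relative: the origin is appended


def cname_conflicts(records, origin=ORIGIN):
    """Map each owner that has a CNAME plus other data to the clashing types."""
    by_owner = defaultdict(list)
    for name, rtype, _value in records:
        by_owner[qualify(name, origin)].append(rtype.upper())
    conflicts = {}
    for owner, types in by_owner.items():
        clashing = sorted({t for t in types if t != "CNAME"})
        if types.count("CNAME") > 1:
            clashing.append("CNAME (duplicate)")
        if "CNAME" in types and clashing:
            conflicts[owner] = clashing
    return conflicts


if __name__ == "__main__":
    for owner, types in cname_conflicts(RECORDS).items():
        print(f"{owner}: CNAME cannot coexist with {', '.join(types)}")
    # Zone-file semantics: a value without the trailing dot is relative.
    print(qualify("ns1.klaviyo.com"))
```

Running it flags only send.example.com., and the last line prints ns1.klaviyo.com.example.com., which is what a missing trailing dot turns into when the name is read as relative to the zone.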

Purposes

What are these send. subdomains used for anyway?

Email Sending: The subdomain "send" might be used for sending emails. For instance, you could configure it to handle outgoing email traffic, and services like transactional email providers or marketing email platforms might use subdomains for this purpose (e.g., send.example.com).

File or Data Sending Service: It could be set up to host a service for sending files or data. This might include services for sharing large files, transmitting data securely, or facilitating data transfers between systems.

Marketing Campaigns: In some cases, organizations use specific subdomains for marketing campaigns or promotions. A "send" subdomain might be utilized for tracking click-through rates or managing links associated with marketing materials.

Custom Application: The subdomain might be dedicated to a specific application or functionality, such as a web application that involves sending information, messages, or notifications.

Custom Configuration: Ultimately, the use of a "send" subdomain is not standardized, and it could be entirely customized based on the needs and preferences of the domain owner. It could be set up for any purpose that involves sending information, communication, or data.
